Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/magento/community-edition@2.4.5-p5
Typecomposer
Namespacemagento
Namecommunity-edition
Version2.4.5-p5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.6-p13
Latest_non_vulnerable_version2.4.9-alpha3
Affected_by_vulnerabilities
0
url VCID-16x4-fjuv-hbc4
vulnerability_id VCID-16x4-fjuv-hbc4
summary 
Magento Open Source allows Cross-Site Request Forgery (CSRF)
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions they did not intend to do, which could be used to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction, typically in the form of the victim clicking a link or visiting a malicious website.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20718
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30601
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20718
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-29T17:27:46Z/
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20718
reference_id CVE-2024-20718
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20718
4
reference_url https://github.com/advisories/GHSA-hqgj-4396-hmxv
reference_id GHSA-hqgj-4396-hmxv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hqgj-4396-hmxv
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-hwb9-yxzn-zub5
21
vulnerability VCID-k55s-dcep-mbbk
22
vulnerability VCID-mgxx-zdm4-9fe7
23
vulnerability VCID-ntcr-n7fp-j3ab
24
vulnerability VCID-pqpk-dh2p-4yc8
25
vulnerability VCID-qxz4-rh86-cfcu
26
vulnerability VCID-rgfy-hqz1-zyb4
27
vulnerability VCID-rv3b-5ja1-dkdv
28
vulnerability VCID-tk7j-4vsm-e7c6
29
vulnerability VCID-u3gt-rhgh-p7ax
30
vulnerability VCID-v7ru-7kga-2bet
31
vulnerability VCID-vvzs-mjes-e3eq
32
vulnerability VCID-xm9z-aqhf-uqft
33
vulnerability VCID-y9ew-ydqv-4kbf
34
vulnerability VCID-z8qf-cqwg-zkan
35
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
1
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-hwb9-yxzn-zub5
42
vulnerability VCID-jbs3-xb4d-j3gz
43
vulnerability VCID-jbzd-yjne-6ucr
44
vulnerability VCID-jehy-k235-4ua9
45
vulnerability VCID-jnsk-z1qy-8uh7
46
vulnerability VCID-k55s-dcep-mbbk
47
vulnerability VCID-khdx-kb5m-qyd7
48
vulnerability VCID-kumb-xzbe-5fb3
49
vulnerability VCID-mcuv-294k-5qc4
50
vulnerability VCID-mgxx-zdm4-9fe7
51
vulnerability VCID-mwg1-4tbg-53cg
52
vulnerability VCID-ntcr-n7fp-j3ab
53
vulnerability VCID-p84d-d8gt-ukck
54
vulnerability VCID-pqpk-dh2p-4yc8
55
vulnerability VCID-qsq4-2nz1-p7hu
56
vulnerability VCID-qxz4-rh86-cfcu
57
vulnerability VCID-rgfy-hqz1-zyb4
58
vulnerability VCID-rhp2-bwp6-k3d4
59
vulnerability VCID-rv3b-5ja1-dkdv
60
vulnerability VCID-t1ba-h3yd-yydc
61
vulnerability VCID-t5m6-39fh-zfhg
62
vulnerability VCID-tn7z-sztq-hbax
63
vulnerability VCID-u3gt-rhgh-p7ax
64
vulnerability VCID-v7r7-xtq1-gug6
65
vulnerability VCID-v7ru-7kga-2bet
66
vulnerability VCID-vthq-tuqs-5fg9
67
vulnerability VCID-vvzs-mjes-e3eq
68
vulnerability VCID-wdvt-5z3a-5bc2
69
vulnerability VCID-xde9-dz52-1fgp
70
vulnerability VCID-xm9z-aqhf-uqft
71
vulnerability VCID-y9ew-ydqv-4kbf
72
vulnerability VCID-yh52-jggb-jfgx
73
vulnerability VCID-z8qf-cqwg-zkan
74
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-20718, GHSA-hqgj-4396-hmxv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16x4-fjuv-hbc4
1
url VCID-1wxk-rhfp-qqgp
vulnerability_id VCID-1wxk-rhfp-qqgp
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39401
reference_id
reference_type
scores
0
value 0.0264
scoring_system epss
scoring_elements 0.85973
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39401
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:32Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39401
reference_id CVE-2024-39401
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39401
4
reference_url https://github.com/advisories/GHSA-8frp-pxq2-3gpq
reference_id GHSA-8frp-pxq2-3gpq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8frp-pxq2-3gpq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39401, GHSA-8frp-pxq2-3gpq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1wxk-rhfp-qqgp
2
url VCID-1yj1-79jb-wyht
vulnerability_id VCID-1yj1-79jb-wyht
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34104
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.70281
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34104
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34104
reference_id CVE-2024-34104
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34104
8
reference_url https://github.com/advisories/GHSA-wwj3-573j-rvvm
reference_id GHSA-wwj3-573j-rvvm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wwj3-573j-rvvm
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34104, GHSA-wwj3-573j-rvvm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yj1-79jb-wyht
3
url VCID-2495-ugn7-v7fk
vulnerability_id VCID-2495-ugn7-v7fk
summary 
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54266
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.18113
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54266
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb25-94.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/
url https://helpx.adobe.com/security/products/magento/apsb25-94.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54266
reference_id CVE-2025-54266
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54266
4
reference_url https://github.com/advisories/GHSA-pcrx-r49h-x2w5
reference_id GHSA-pcrx-r49h-x2w5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pcrx-r49h-x2w5
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.6-p13
purl pkg:composer/magento/community-edition@2.4.6-p13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13
1
url pkg:composer/magento/community-edition@2.4.7-p8
purl pkg:composer/magento/community-edition@2.4.7-p8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8
2
url pkg:composer/magento/community-edition@2.4.8-p3
purl pkg:composer/magento/community-edition@2.4.8-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3
3
url pkg:composer/magento/community-edition@2.4.9-alpha3
purl pkg:composer/magento/community-edition@2.4.9-alpha3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3
aliases CVE-2025-54266, GHSA-pcrx-r49h-x2w5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2495-ugn7-v7fk
4
url VCID-3hcd-r9gs-cfgh
vulnerability_id VCID-3hcd-r9gs-cfgh
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39419
reference_id
reference_type
scores
0
value 0.00233
scoring_system epss
scoring_elements 0.46269
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39419
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39419
reference_id CVE-2024-39419
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39419
4
reference_url https://github.com/advisories/GHSA-74w7-cr4v-wf2v
reference_id GHSA-74w7-cr4v-wf2v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-74w7-cr4v-wf2v
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39419, GHSA-74w7-cr4v-wf2v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hcd-r9gs-cfgh
5
url VCID-4w8w-6563-3kfb
vulnerability_id VCID-4w8w-6563-3kfb
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39411
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.54108
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39411
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39411
reference_id CVE-2024-39411
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39411
4
reference_url https://github.com/advisories/GHSA-qm77-mqf3-fmhq
reference_id GHSA-qm77-mqf3-fmhq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qm77-mqf3-fmhq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39411, GHSA-qm77-mqf3-fmhq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4w8w-6563-3kfb
6
url VCID-5bn1-w5sa-ubft
vulnerability_id VCID-5bn1-w5sa-ubft
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39413
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.54108
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39413
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:47Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39413
reference_id CVE-2024-39413
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39413
4
reference_url https://github.com/advisories/GHSA-8w5f-8992-g86j
reference_id GHSA-8w5f-8992-g86j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8w5f-8992-g86j
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39413, GHSA-8w5f-8992-g86j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bn1-w5sa-ubft
7
url VCID-6srg-smmw-hycj
vulnerability_id VCID-6srg-smmw-hycj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34105
reference_id
reference_type
scores
0
value 0.01961
scoring_system epss
scoring_elements 0.83806
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34105
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34105
reference_id CVE-2024-34105
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34105
8
reference_url https://github.com/advisories/GHSA-5632-wq7m-gfq9
reference_id GHSA-5632-wq7m-gfq9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5632-wq7m-gfq9
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34105, GHSA-5632-wq7m-gfq9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6srg-smmw-hycj
8
url VCID-94sc-9fyk-2uay
vulnerability_id VCID-94sc-9fyk-2uay
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39402
reference_id
reference_type
scores
0
value 0.0264
scoring_system epss
scoring_elements 0.85973
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39402
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:09Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39402
reference_id CVE-2024-39402
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39402
4
reference_url https://github.com/advisories/GHSA-2ff6-837j-hg5x
reference_id GHSA-2ff6-837j-hg5x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2ff6-837j-hg5x
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39402, GHSA-2ff6-837j-hg5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94sc-9fyk-2uay
9
url VCID-9gte-ub5c-mqas
vulnerability_id VCID-9gte-ub5c-mqas
summary 
Magento allows incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54265
reference_id
reference_type
scores
0
value 0.00113
scoring_system epss
scoring_elements 0.29601
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54265
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb25-94.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/
url https://helpx.adobe.com/security/products/magento/apsb25-94.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54265
reference_id CVE-2025-54265
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54265
4
reference_url https://github.com/advisories/GHSA-r355-75hw-r8jf
reference_id GHSA-r355-75hw-r8jf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r355-75hw-r8jf
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.6-p13
purl pkg:composer/magento/community-edition@2.4.6-p13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13
1
url pkg:composer/magento/community-edition@2.4.7-p8
purl pkg:composer/magento/community-edition@2.4.7-p8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8
2
url pkg:composer/magento/community-edition@2.4.8-p3
purl pkg:composer/magento/community-edition@2.4.8-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3
3
url pkg:composer/magento/community-edition@2.4.9-alpha3
purl pkg:composer/magento/community-edition@2.4.9-alpha3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3
aliases CVE-2025-54265, GHSA-r355-75hw-r8jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gte-ub5c-mqas
10
url VCID-a2mn-k8qn-j7c9
vulnerability_id VCID-a2mn-k8qn-j7c9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39400
reference_id
reference_type
scores
0
value 0.01472
scoring_system epss
scoring_elements 0.81253
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39400
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:38Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39400
reference_id CVE-2024-39400
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39400
4
reference_url https://github.com/advisories/GHSA-52fg-wjxm-pp44
reference_id GHSA-52fg-wjxm-pp44
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-52fg-wjxm-pp44
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39400, GHSA-52fg-wjxm-pp44
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a2mn-k8qn-j7c9
11
url VCID-c7rf-4ky3-tyev
vulnerability_id VCID-c7rf-4ky3-tyev
summary 
Magento Open Source allows Uncontrolled Resource Consumption
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application to slow down or crash. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20716
reference_id
reference_type
scores
0
value 0.00265
scoring_system epss
scoring_elements 0.50174
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20716
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-18T00:20:23Z/
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20716
reference_id CVE-2024-20716
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20716
4
reference_url https://github.com/advisories/GHSA-c9h9-h5gf-885r
reference_id GHSA-c9h9-h5gf-885r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9h9-h5gf-885r
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-hwb9-yxzn-zub5
21
vulnerability VCID-k55s-dcep-mbbk
22
vulnerability VCID-mgxx-zdm4-9fe7
23
vulnerability VCID-ntcr-n7fp-j3ab
24
vulnerability VCID-pqpk-dh2p-4yc8
25
vulnerability VCID-qxz4-rh86-cfcu
26
vulnerability VCID-rgfy-hqz1-zyb4
27
vulnerability VCID-rv3b-5ja1-dkdv
28
vulnerability VCID-tk7j-4vsm-e7c6
29
vulnerability VCID-u3gt-rhgh-p7ax
30
vulnerability VCID-v7ru-7kga-2bet
31
vulnerability VCID-vvzs-mjes-e3eq
32
vulnerability VCID-xm9z-aqhf-uqft
33
vulnerability VCID-y9ew-ydqv-4kbf
34
vulnerability VCID-z8qf-cqwg-zkan
35
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
1
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-hwb9-yxzn-zub5
42
vulnerability VCID-jbs3-xb4d-j3gz
43
vulnerability VCID-jbzd-yjne-6ucr
44
vulnerability VCID-jehy-k235-4ua9
45
vulnerability VCID-jnsk-z1qy-8uh7
46
vulnerability VCID-k55s-dcep-mbbk
47
vulnerability VCID-khdx-kb5m-qyd7
48
vulnerability VCID-kumb-xzbe-5fb3
49
vulnerability VCID-mcuv-294k-5qc4
50
vulnerability VCID-mgxx-zdm4-9fe7
51
vulnerability VCID-mwg1-4tbg-53cg
52
vulnerability VCID-ntcr-n7fp-j3ab
53
vulnerability VCID-p84d-d8gt-ukck
54
vulnerability VCID-pqpk-dh2p-4yc8
55
vulnerability VCID-qsq4-2nz1-p7hu
56
vulnerability VCID-qxz4-rh86-cfcu
57
vulnerability VCID-rgfy-hqz1-zyb4
58
vulnerability VCID-rhp2-bwp6-k3d4
59
vulnerability VCID-rv3b-5ja1-dkdv
60
vulnerability VCID-t1ba-h3yd-yydc
61
vulnerability VCID-t5m6-39fh-zfhg
62
vulnerability VCID-tn7z-sztq-hbax
63
vulnerability VCID-u3gt-rhgh-p7ax
64
vulnerability VCID-v7r7-xtq1-gug6
65
vulnerability VCID-v7ru-7kga-2bet
66
vulnerability VCID-vthq-tuqs-5fg9
67
vulnerability VCID-vvzs-mjes-e3eq
68
vulnerability VCID-wdvt-5z3a-5bc2
69
vulnerability VCID-xde9-dz52-1fgp
70
vulnerability VCID-xm9z-aqhf-uqft
71
vulnerability VCID-y9ew-ydqv-4kbf
72
vulnerability VCID-yh52-jggb-jfgx
73
vulnerability VCID-z8qf-cqwg-zkan
74
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-20716, GHSA-c9h9-h5gf-885r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7rf-4ky3-tyev
12
url VCID-ca94-mqq1-jyaz
vulnerability_id VCID-ca94-mqq1-jyaz
summary 
Magento Open Source allows OS Command Injection
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20720
reference_id
reference_type
scores
0
value 0.07195
scoring_system epss
scoring_elements 0.91722
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20720
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-11T17:46:31Z/
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20720
reference_id CVE-2024-20720
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20720
4
reference_url https://github.com/advisories/GHSA-525f-pvj5-vqmq
reference_id GHSA-525f-pvj5-vqmq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-525f-pvj5-vqmq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-hwb9-yxzn-zub5
21
vulnerability VCID-k55s-dcep-mbbk
22
vulnerability VCID-mgxx-zdm4-9fe7
23
vulnerability VCID-ntcr-n7fp-j3ab
24
vulnerability VCID-pqpk-dh2p-4yc8
25
vulnerability VCID-qxz4-rh86-cfcu
26
vulnerability VCID-rgfy-hqz1-zyb4
27
vulnerability VCID-rv3b-5ja1-dkdv
28
vulnerability VCID-tk7j-4vsm-e7c6
29
vulnerability VCID-u3gt-rhgh-p7ax
30
vulnerability VCID-v7ru-7kga-2bet
31
vulnerability VCID-vvzs-mjes-e3eq
32
vulnerability VCID-xm9z-aqhf-uqft
33
vulnerability VCID-y9ew-ydqv-4kbf
34
vulnerability VCID-z8qf-cqwg-zkan
35
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
1
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-hwb9-yxzn-zub5
42
vulnerability VCID-jbs3-xb4d-j3gz
43
vulnerability VCID-jbzd-yjne-6ucr
44
vulnerability VCID-jehy-k235-4ua9
45
vulnerability VCID-jnsk-z1qy-8uh7
46
vulnerability VCID-k55s-dcep-mbbk
47
vulnerability VCID-khdx-kb5m-qyd7
48
vulnerability VCID-kumb-xzbe-5fb3
49
vulnerability VCID-mcuv-294k-5qc4
50
vulnerability VCID-mgxx-zdm4-9fe7
51
vulnerability VCID-mwg1-4tbg-53cg
52
vulnerability VCID-ntcr-n7fp-j3ab
53
vulnerability VCID-p84d-d8gt-ukck
54
vulnerability VCID-pqpk-dh2p-4yc8
55
vulnerability VCID-qsq4-2nz1-p7hu
56
vulnerability VCID-qxz4-rh86-cfcu
57
vulnerability VCID-rgfy-hqz1-zyb4
58
vulnerability VCID-rhp2-bwp6-k3d4
59
vulnerability VCID-rv3b-5ja1-dkdv
60
vulnerability VCID-t1ba-h3yd-yydc
61
vulnerability VCID-t5m6-39fh-zfhg
62
vulnerability VCID-tn7z-sztq-hbax
63
vulnerability VCID-u3gt-rhgh-p7ax
64
vulnerability VCID-v7r7-xtq1-gug6
65
vulnerability VCID-v7ru-7kga-2bet
66
vulnerability VCID-vthq-tuqs-5fg9
67
vulnerability VCID-vvzs-mjes-e3eq
68
vulnerability VCID-wdvt-5z3a-5bc2
69
vulnerability VCID-xde9-dz52-1fgp
70
vulnerability VCID-xm9z-aqhf-uqft
71
vulnerability VCID-y9ew-ydqv-4kbf
72
vulnerability VCID-yh52-jggb-jfgx
73
vulnerability VCID-z8qf-cqwg-zkan
74
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-20720, GHSA-525f-pvj5-vqmq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ca94-mqq1-jyaz
13
url VCID-ctr3-kt63-hybf
vulnerability_id VCID-ctr3-kt63-hybf
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39404
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.4775
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39404
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:52Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39404
reference_id CVE-2024-39404
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39404
4
reference_url https://github.com/advisories/GHSA-qrh3-vxjg-h9h6
reference_id GHSA-qrh3-vxjg-h9h6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qrh3-vxjg-h9h6
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39404, GHSA-qrh3-vxjg-h9h6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ctr3-kt63-hybf
14
url VCID-d372-f5hu-1bhr
vulnerability_id VCID-d372-f5hu-1bhr
summary 
Magento provides incorrect authorization through a security feature bypass
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54263
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25901
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54263
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb25-94.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/
url https://helpx.adobe.com/security/products/magento/apsb25-94.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54263
reference_id CVE-2025-54263
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54263
4
reference_url https://github.com/advisories/GHSA-69x9-xp2j-w8g8
reference_id GHSA-69x9-xp2j-w8g8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-69x9-xp2j-w8g8
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.6-p13
purl pkg:composer/magento/community-edition@2.4.6-p13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13
1
url pkg:composer/magento/community-edition@2.4.7-p8
purl pkg:composer/magento/community-edition@2.4.7-p8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8
2
url pkg:composer/magento/community-edition@2.4.8-p3
purl pkg:composer/magento/community-edition@2.4.8-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3
3
url pkg:composer/magento/community-edition@2.4.9-alpha3
purl pkg:composer/magento/community-edition@2.4.9-alpha3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3
aliases CVE-2025-54263, GHSA-69x9-xp2j-w8g8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d372-f5hu-1bhr
15
url VCID-enwr-t7r8-xyge
vulnerability_id VCID-enwr-t7r8-xyge
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39398
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39398
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:17Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39398
reference_id CVE-2024-39398
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39398
4
reference_url https://github.com/advisories/GHSA-q628-54wg-4r5q
reference_id GHSA-q628-54wg-4r5q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q628-54wg-4r5q
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39398, GHSA-q628-54wg-4r5q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enwr-t7r8-xyge
16
url VCID-euam-6b48-suhg
vulnerability_id VCID-euam-6b48-suhg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39407
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.4775
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39407
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:04Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39407
reference_id CVE-2024-39407
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39407
4
reference_url https://github.com/advisories/GHSA-cjm6-8mw8-2f8c
reference_id GHSA-cjm6-8mw8-2f8c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cjm6-8mw8-2f8c
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39407, GHSA-cjm6-8mw8-2f8c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euam-6b48-suhg
17
url VCID-f5jj-23tj-wkbu
vulnerability_id VCID-f5jj-23tj-wkbu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39410
reference_id
reference_type
scores
0
value 0.00515
scoring_system epss
scoring_elements 0.66912
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39410
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39410
reference_id CVE-2024-39410
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39410
4
reference_url https://github.com/advisories/GHSA-4323-f82v-f6jr
reference_id GHSA-4323-f82v-f6jr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4323-f82v-f6jr
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
3
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39410, GHSA-4323-f82v-f6jr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5jj-23tj-wkbu
18
url VCID-f6vc-8z9a-cqej
vulnerability_id VCID-f6vc-8z9a-cqej
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39415
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.54108
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39415
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39415
reference_id CVE-2024-39415
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39415
4
reference_url https://github.com/advisories/GHSA-gj93-84g5-mcjq
reference_id GHSA-gj93-84g5-mcjq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gj93-84g5-mcjq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39415, GHSA-gj93-84g5-mcjq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f6vc-8z9a-cqej
19
url VCID-ft2p-3a61-wudj
vulnerability_id VCID-ft2p-3a61-wudj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39406
reference_id
reference_type
scores
0
value 0.00916
scoring_system epss
scoring_elements 0.76253
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39406
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39406
reference_id CVE-2024-39406
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39406
4
reference_url https://github.com/advisories/GHSA-6pxh-2557-5cj5
reference_id GHSA-6pxh-2557-5cj5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6pxh-2557-5cj5
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
3
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39406, GHSA-6pxh-2557-5cj5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft2p-3a61-wudj
20
url VCID-gf2z-99wt-3qcg
vulnerability_id VCID-gf2z-99wt-3qcg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39409
reference_id
reference_type
scores
0
value 0.00515
scoring_system epss
scoring_elements 0.66912
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39409
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39409
reference_id CVE-2024-39409
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39409
4
reference_url https://github.com/advisories/GHSA-rf4q-m23c-7q8r
reference_id GHSA-rf4q-m23c-7q8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rf4q-m23c-7q8r
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
3
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39409, GHSA-rf4q-m23c-7q8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gf2z-99wt-3qcg
21
url VCID-hbre-ty72-g7gy
vulnerability_id VCID-hbre-ty72-g7gy
summary 
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54264
reference_id
reference_type
scores
0
value 0.00084
scoring_system epss
scoring_elements 0.24578
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54264
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb25-94.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/
url https://helpx.adobe.com/security/products/magento/apsb25-94.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54264
reference_id CVE-2025-54264
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54264
4
reference_url https://github.com/advisories/GHSA-2768-5wmv-cfff
reference_id GHSA-2768-5wmv-cfff
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2768-5wmv-cfff
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.6-p13
purl pkg:composer/magento/community-edition@2.4.6-p13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13
1
url pkg:composer/magento/community-edition@2.4.7-p8
purl pkg:composer/magento/community-edition@2.4.7-p8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8
2
url pkg:composer/magento/community-edition@2.4.8-p3
purl pkg:composer/magento/community-edition@2.4.8-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3
3
url pkg:composer/magento/community-edition@2.4.9-alpha3
purl pkg:composer/magento/community-edition@2.4.9-alpha3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3
aliases CVE-2025-54264, GHSA-2768-5wmv-cfff
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbre-ty72-g7gy
22
url VCID-hcbc-9c78-yye6
vulnerability_id VCID-hcbc-9c78-yye6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39405
reference_id
reference_type
scores
0
value 0.00233
scoring_system epss
scoring_elements 0.46269
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39405
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:21Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39405
reference_id CVE-2024-39405
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39405
4
reference_url https://github.com/advisories/GHSA-5g9f-7gqc-8hj4
reference_id GHSA-5g9f-7gqc-8hj4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5g9f-7gqc-8hj4
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39405, GHSA-5g9f-7gqc-8hj4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcbc-9c78-yye6
23
url VCID-hwb9-yxzn-zub5
vulnerability_id VCID-hwb9-yxzn-zub5
summary 
Magento Open Source allows Cross-Site Scripting (XSS)
Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality and integrity are considered high due to having admin impact.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20759
reference_id
reference_type
scores
0
value 0.01627
scoring_system epss
scoring_elements 0.82182
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20759
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-18.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:07Z/
url https://helpx.adobe.com/security/products/magento/apsb24-18.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20759
reference_id CVE-2024-20759
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
1
value 6.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20759
4
reference_url https://github.com/advisories/GHSA-59vf-hjxc-f9c5
reference_id GHSA-59vf-hjxc-f9c5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59vf-hjxc-f9c5
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p7
purl pkg:composer/magento/community-edition@2.4.5-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-k55s-dcep-mbbk
21
vulnerability VCID-mgxx-zdm4-9fe7
22
vulnerability VCID-ntcr-n7fp-j3ab
23
vulnerability VCID-qxz4-rh86-cfcu
24
vulnerability VCID-rgfy-hqz1-zyb4
25
vulnerability VCID-rv3b-5ja1-dkdv
26
vulnerability VCID-tk7j-4vsm-e7c6
27
vulnerability VCID-u3gt-rhgh-p7ax
28
vulnerability VCID-v7ru-7kga-2bet
29
vulnerability VCID-vvzs-mjes-e3eq
30
vulnerability VCID-xm9z-aqhf-uqft
31
vulnerability VCID-y9ew-ydqv-4kbf
32
vulnerability VCID-z8qf-cqwg-zkan
33
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p7
1
url pkg:composer/magento/community-edition@2.4.6-p5
purl pkg:composer/magento/community-edition@2.4.6-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-jbs3-xb4d-j3gz
42
vulnerability VCID-jbzd-yjne-6ucr
43
vulnerability VCID-jehy-k235-4ua9
44
vulnerability VCID-jnsk-z1qy-8uh7
45
vulnerability VCID-k55s-dcep-mbbk
46
vulnerability VCID-khdx-kb5m-qyd7
47
vulnerability VCID-kumb-xzbe-5fb3
48
vulnerability VCID-mcuv-294k-5qc4
49
vulnerability VCID-mgxx-zdm4-9fe7
50
vulnerability VCID-mwg1-4tbg-53cg
51
vulnerability VCID-ntcr-n7fp-j3ab
52
vulnerability VCID-p84d-d8gt-ukck
53
vulnerability VCID-qsq4-2nz1-p7hu
54
vulnerability VCID-qxz4-rh86-cfcu
55
vulnerability VCID-rgfy-hqz1-zyb4
56
vulnerability VCID-rhp2-bwp6-k3d4
57
vulnerability VCID-rv3b-5ja1-dkdv
58
vulnerability VCID-t1ba-h3yd-yydc
59
vulnerability VCID-t5m6-39fh-zfhg
60
vulnerability VCID-tn7z-sztq-hbax
61
vulnerability VCID-u3gt-rhgh-p7ax
62
vulnerability VCID-v7r7-xtq1-gug6
63
vulnerability VCID-v7ru-7kga-2bet
64
vulnerability VCID-vthq-tuqs-5fg9
65
vulnerability VCID-vvzs-mjes-e3eq
66
vulnerability VCID-wdvt-5z3a-5bc2
67
vulnerability VCID-xde9-dz52-1fgp
68
vulnerability VCID-xm9z-aqhf-uqft
69
vulnerability VCID-y9ew-ydqv-4kbf
70
vulnerability VCID-yh52-jggb-jfgx
71
vulnerability VCID-z8qf-cqwg-zkan
72
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p5
2
url pkg:composer/magento/community-edition@2.4.7
purl pkg:composer/magento/community-edition@2.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-2495-ugn7-v7fk
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3jns-w9p4-jyca
10
vulnerability VCID-3sn5-689e-cbhk
11
vulnerability VCID-3tpy-wktb-wqdj
12
vulnerability VCID-3v4v-ysx5-77gs
13
vulnerability VCID-3vpy-uswf-5ugc
14
vulnerability VCID-3wnx-e9kp-fkg7
15
vulnerability VCID-46mz-swkk-suhn
16
vulnerability VCID-4kg3-wkw1-vqhy
17
vulnerability VCID-4w8w-6563-3kfb
18
vulnerability VCID-53d5-qzm4-vfgs
19
vulnerability VCID-5bn1-w5sa-ubft
20
vulnerability VCID-5du3-fvj3-87h7
21
vulnerability VCID-5fmh-e4j7-nbcf
22
vulnerability VCID-5tkb-ngcw-t7ap
23
vulnerability VCID-6g84-aswq-5kfb
24
vulnerability VCID-6mxj-tzme-zyhb
25
vulnerability VCID-6srg-smmw-hycj
26
vulnerability VCID-7dbc-v42e-j7d6
27
vulnerability VCID-7dzy-1fxw-xfes
28
vulnerability VCID-8crc-kmpq-63bd
29
vulnerability VCID-94sc-9fyk-2uay
30
vulnerability VCID-96gx-zvab-yyhe
31
vulnerability VCID-9gte-ub5c-mqas
32
vulnerability VCID-a2mn-k8qn-j7c9
33
vulnerability VCID-a9hc-nhv2-7ubx
34
vulnerability VCID-ac6e-denb-w7hy
35
vulnerability VCID-annu-j9a3-xkhs
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-euam-6b48-suhg
43
vulnerability VCID-ewjp-uxup-gqex
44
vulnerability VCID-f5jj-23tj-wkbu
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-ft2p-3a61-wudj
47
vulnerability VCID-gdh1-vff1-cfc2
48
vulnerability VCID-gf2z-99wt-3qcg
49
vulnerability VCID-gkb3-ddu2-qyg6
50
vulnerability VCID-gyd8-hu6s-wkgt
51
vulnerability VCID-hbre-ty72-g7gy
52
vulnerability VCID-hcbc-9c78-yye6
53
vulnerability VCID-jbs3-xb4d-j3gz
54
vulnerability VCID-jbzd-yjne-6ucr
55
vulnerability VCID-jede-wz7z-2ugt
56
vulnerability VCID-jehy-k235-4ua9
57
vulnerability VCID-jg5k-6vqh-57ey
58
vulnerability VCID-jnsk-z1qy-8uh7
59
vulnerability VCID-k55s-dcep-mbbk
60
vulnerability VCID-khdx-kb5m-qyd7
61
vulnerability VCID-kumb-xzbe-5fb3
62
vulnerability VCID-mcuv-294k-5qc4
63
vulnerability VCID-mgk4-9tan-a7fj
64
vulnerability VCID-mgxx-zdm4-9fe7
65
vulnerability VCID-mwg1-4tbg-53cg
66
vulnerability VCID-ntcr-n7fp-j3ab
67
vulnerability VCID-p84d-d8gt-ukck
68
vulnerability VCID-qsq4-2nz1-p7hu
69
vulnerability VCID-qxz4-rh86-cfcu
70
vulnerability VCID-rgfy-hqz1-zyb4
71
vulnerability VCID-rhp2-bwp6-k3d4
72
vulnerability VCID-rv3b-5ja1-dkdv
73
vulnerability VCID-t1ba-h3yd-yydc
74
vulnerability VCID-t5m6-39fh-zfhg
75
vulnerability VCID-tk7j-4vsm-e7c6
76
vulnerability VCID-tn7z-sztq-hbax
77
vulnerability VCID-u3gt-rhgh-p7ax
78
vulnerability VCID-uv6e-ctrt-eycw
79
vulnerability VCID-v7r7-xtq1-gug6
80
vulnerability VCID-v7ru-7kga-2bet
81
vulnerability VCID-vjad-xkj2-nygh
82
vulnerability VCID-vthq-tuqs-5fg9
83
vulnerability VCID-vvzs-mjes-e3eq
84
vulnerability VCID-wdvt-5z3a-5bc2
85
vulnerability VCID-weqh-3ye3-nbbp
86
vulnerability VCID-xde9-dz52-1fgp
87
vulnerability VCID-xm9z-aqhf-uqft
88
vulnerability VCID-y9ew-ydqv-4kbf
89
vulnerability VCID-yh52-jggb-jfgx
90
vulnerability VCID-yjgp-6ntk-xbc3
91
vulnerability VCID-ypqs-5ju2-hkcz
92
vulnerability VCID-yzdu-4cnk-5uft
93
vulnerability VCID-z8qf-cqwg-zkan
94
vulnerability VCID-zacs-wg6m-qyg4
95
vulnerability VCID-zgzb-haur-s7aq
96
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7
aliases CVE-2024-20759, GHSA-59vf-hjxc-f9c5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwb9-yxzn-zub5
24
url VCID-k55s-dcep-mbbk
vulnerability_id VCID-k55s-dcep-mbbk
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34106
reference_id
reference_type
scores
0
value 0.00654
scoring_system epss
scoring_elements 0.71275
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34106
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34106
reference_id CVE-2024-34106
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34106
8
reference_url https://github.com/advisories/GHSA-p6h9-gx5g-wg64
reference_id GHSA-p6h9-gx5g-wg64
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p6h9-gx5g-wg64
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34106, GHSA-p6h9-gx5g-wg64
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k55s-dcep-mbbk
25
url VCID-mgxx-zdm4-9fe7
vulnerability_id VCID-mgxx-zdm4-9fe7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34107
reference_id
reference_type
scores
0
value 0.00729
scoring_system epss
scoring_elements 0.72972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34107
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34107
reference_id CVE-2024-34107
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34107
8
reference_url https://github.com/advisories/GHSA-r7cm-g469-wm4g
reference_id GHSA-r7cm-g469-wm4g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r7cm-g469-wm4g
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34107, GHSA-r7cm-g469-wm4g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgxx-zdm4-9fe7
26
url VCID-ntcr-n7fp-j3ab
vulnerability_id VCID-ntcr-n7fp-j3ab
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39399
reference_id
reference_type
scores
0
value 0.00842
scoring_system epss
scoring_elements 0.75054
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39399
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T14:09:03Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39399
reference_id CVE-2024-39399
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39399
4
reference_url https://github.com/advisories/GHSA-7r99-8wqp-h7pc
reference_id GHSA-7r99-8wqp-h7pc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7r99-8wqp-h7pc
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39399, GHSA-7r99-8wqp-h7pc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntcr-n7fp-j3ab
27
url VCID-pqpk-dh2p-4yc8
vulnerability_id VCID-pqpk-dh2p-4yc8
summary 
Magento Open Source allows Improper Input Validation
Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but the attack complexity is high.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20758
reference_id
reference_type
scores
0
value 0.02201
scoring_system epss
scoring_elements 0.84703
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20758
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-18.html
reference_id
reference_type
scores
0
value 9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 9.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:06Z/
url https://helpx.adobe.com/security/products/magento/apsb24-18.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20758
reference_id CVE-2024-20758
reference_type
scores
0
value 9.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20758
4
reference_url https://github.com/advisories/GHSA-wh4m-6rh3-p4rq
reference_id GHSA-wh4m-6rh3-p4rq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wh4m-6rh3-p4rq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p7
purl pkg:composer/magento/community-edition@2.4.5-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-k55s-dcep-mbbk
21
vulnerability VCID-mgxx-zdm4-9fe7
22
vulnerability VCID-ntcr-n7fp-j3ab
23
vulnerability VCID-qxz4-rh86-cfcu
24
vulnerability VCID-rgfy-hqz1-zyb4
25
vulnerability VCID-rv3b-5ja1-dkdv
26
vulnerability VCID-tk7j-4vsm-e7c6
27
vulnerability VCID-u3gt-rhgh-p7ax
28
vulnerability VCID-v7ru-7kga-2bet
29
vulnerability VCID-vvzs-mjes-e3eq
30
vulnerability VCID-xm9z-aqhf-uqft
31
vulnerability VCID-y9ew-ydqv-4kbf
32
vulnerability VCID-z8qf-cqwg-zkan
33
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p7
1
url pkg:composer/magento/community-edition@2.4.6-p5
purl pkg:composer/magento/community-edition@2.4.6-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-jbs3-xb4d-j3gz
42
vulnerability VCID-jbzd-yjne-6ucr
43
vulnerability VCID-jehy-k235-4ua9
44
vulnerability VCID-jnsk-z1qy-8uh7
45
vulnerability VCID-k55s-dcep-mbbk
46
vulnerability VCID-khdx-kb5m-qyd7
47
vulnerability VCID-kumb-xzbe-5fb3
48
vulnerability VCID-mcuv-294k-5qc4
49
vulnerability VCID-mgxx-zdm4-9fe7
50
vulnerability VCID-mwg1-4tbg-53cg
51
vulnerability VCID-ntcr-n7fp-j3ab
52
vulnerability VCID-p84d-d8gt-ukck
53
vulnerability VCID-qsq4-2nz1-p7hu
54
vulnerability VCID-qxz4-rh86-cfcu
55
vulnerability VCID-rgfy-hqz1-zyb4
56
vulnerability VCID-rhp2-bwp6-k3d4
57
vulnerability VCID-rv3b-5ja1-dkdv
58
vulnerability VCID-t1ba-h3yd-yydc
59
vulnerability VCID-t5m6-39fh-zfhg
60
vulnerability VCID-tn7z-sztq-hbax
61
vulnerability VCID-u3gt-rhgh-p7ax
62
vulnerability VCID-v7r7-xtq1-gug6
63
vulnerability VCID-v7ru-7kga-2bet
64
vulnerability VCID-vthq-tuqs-5fg9
65
vulnerability VCID-vvzs-mjes-e3eq
66
vulnerability VCID-wdvt-5z3a-5bc2
67
vulnerability VCID-xde9-dz52-1fgp
68
vulnerability VCID-xm9z-aqhf-uqft
69
vulnerability VCID-y9ew-ydqv-4kbf
70
vulnerability VCID-yh52-jggb-jfgx
71
vulnerability VCID-z8qf-cqwg-zkan
72
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p5
2
url pkg:composer/magento/community-edition@2.4.7
purl pkg:composer/magento/community-edition@2.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-2495-ugn7-v7fk
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3jns-w9p4-jyca
10
vulnerability VCID-3sn5-689e-cbhk
11
vulnerability VCID-3tpy-wktb-wqdj
12
vulnerability VCID-3v4v-ysx5-77gs
13
vulnerability VCID-3vpy-uswf-5ugc
14
vulnerability VCID-3wnx-e9kp-fkg7
15
vulnerability VCID-46mz-swkk-suhn
16
vulnerability VCID-4kg3-wkw1-vqhy
17
vulnerability VCID-4w8w-6563-3kfb
18
vulnerability VCID-53d5-qzm4-vfgs
19
vulnerability VCID-5bn1-w5sa-ubft
20
vulnerability VCID-5du3-fvj3-87h7
21
vulnerability VCID-5fmh-e4j7-nbcf
22
vulnerability VCID-5tkb-ngcw-t7ap
23
vulnerability VCID-6g84-aswq-5kfb
24
vulnerability VCID-6mxj-tzme-zyhb
25
vulnerability VCID-6srg-smmw-hycj
26
vulnerability VCID-7dbc-v42e-j7d6
27
vulnerability VCID-7dzy-1fxw-xfes
28
vulnerability VCID-8crc-kmpq-63bd
29
vulnerability VCID-94sc-9fyk-2uay
30
vulnerability VCID-96gx-zvab-yyhe
31
vulnerability VCID-9gte-ub5c-mqas
32
vulnerability VCID-a2mn-k8qn-j7c9
33
vulnerability VCID-a9hc-nhv2-7ubx
34
vulnerability VCID-ac6e-denb-w7hy
35
vulnerability VCID-annu-j9a3-xkhs
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-euam-6b48-suhg
43
vulnerability VCID-ewjp-uxup-gqex
44
vulnerability VCID-f5jj-23tj-wkbu
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-ft2p-3a61-wudj
47
vulnerability VCID-gdh1-vff1-cfc2
48
vulnerability VCID-gf2z-99wt-3qcg
49
vulnerability VCID-gkb3-ddu2-qyg6
50
vulnerability VCID-gyd8-hu6s-wkgt
51
vulnerability VCID-hbre-ty72-g7gy
52
vulnerability VCID-hcbc-9c78-yye6
53
vulnerability VCID-jbs3-xb4d-j3gz
54
vulnerability VCID-jbzd-yjne-6ucr
55
vulnerability VCID-jede-wz7z-2ugt
56
vulnerability VCID-jehy-k235-4ua9
57
vulnerability VCID-jg5k-6vqh-57ey
58
vulnerability VCID-jnsk-z1qy-8uh7
59
vulnerability VCID-k55s-dcep-mbbk
60
vulnerability VCID-khdx-kb5m-qyd7
61
vulnerability VCID-kumb-xzbe-5fb3
62
vulnerability VCID-mcuv-294k-5qc4
63
vulnerability VCID-mgk4-9tan-a7fj
64
vulnerability VCID-mgxx-zdm4-9fe7
65
vulnerability VCID-mwg1-4tbg-53cg
66
vulnerability VCID-ntcr-n7fp-j3ab
67
vulnerability VCID-p84d-d8gt-ukck
68
vulnerability VCID-qsq4-2nz1-p7hu
69
vulnerability VCID-qxz4-rh86-cfcu
70
vulnerability VCID-rgfy-hqz1-zyb4
71
vulnerability VCID-rhp2-bwp6-k3d4
72
vulnerability VCID-rv3b-5ja1-dkdv
73
vulnerability VCID-t1ba-h3yd-yydc
74
vulnerability VCID-t5m6-39fh-zfhg
75
vulnerability VCID-tk7j-4vsm-e7c6
76
vulnerability VCID-tn7z-sztq-hbax
77
vulnerability VCID-u3gt-rhgh-p7ax
78
vulnerability VCID-uv6e-ctrt-eycw
79
vulnerability VCID-v7r7-xtq1-gug6
80
vulnerability VCID-v7ru-7kga-2bet
81
vulnerability VCID-vjad-xkj2-nygh
82
vulnerability VCID-vthq-tuqs-5fg9
83
vulnerability VCID-vvzs-mjes-e3eq
84
vulnerability VCID-wdvt-5z3a-5bc2
85
vulnerability VCID-weqh-3ye3-nbbp
86
vulnerability VCID-xde9-dz52-1fgp
87
vulnerability VCID-xm9z-aqhf-uqft
88
vulnerability VCID-y9ew-ydqv-4kbf
89
vulnerability VCID-yh52-jggb-jfgx
90
vulnerability VCID-yjgp-6ntk-xbc3
91
vulnerability VCID-ypqs-5ju2-hkcz
92
vulnerability VCID-yzdu-4cnk-5uft
93
vulnerability VCID-z8qf-cqwg-zkan
94
vulnerability VCID-zacs-wg6m-qyg4
95
vulnerability VCID-zgzb-haur-s7aq
96
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7
aliases CVE-2024-20758, GHSA-wh4m-6rh3-p4rq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqpk-dh2p-4yc8
28
url VCID-qxz4-rh86-cfcu
vulnerability_id VCID-qxz4-rh86-cfcu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39418
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.56023
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39418
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:28Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39418
reference_id CVE-2024-39418
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39418
4
reference_url https://github.com/advisories/GHSA-gvgf-pvh5-vjh4
reference_id GHSA-gvgf-pvh5-vjh4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gvgf-pvh5-vjh4
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39418, GHSA-gvgf-pvh5-vjh4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxz4-rh86-cfcu
29
url VCID-rgfy-hqz1-zyb4
vulnerability_id VCID-rgfy-hqz1-zyb4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39416
reference_id
reference_type
scores
0
value 0.0032
scoring_system epss
scoring_elements 0.55283
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39416
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39416
reference_id CVE-2024-39416
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39416
4
reference_url https://github.com/advisories/GHSA-4xgg-rw35-7mv5
reference_id GHSA-4xgg-rw35-7mv5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4xgg-rw35-7mv5
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39416, GHSA-4xgg-rw35-7mv5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgfy-hqz1-zyb4
30
url VCID-rv3b-5ja1-dkdv
vulnerability_id VCID-rv3b-5ja1-dkdv
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34103
reference_id
reference_type
scores
0
value 0.01824
scoring_system epss
scoring_elements 0.83204
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34103
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34103
reference_id CVE-2024-34103
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34103
8
reference_url https://github.com/advisories/GHSA-f7q4-9gwv-6774
reference_id GHSA-f7q4-9gwv-6774
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7q4-9gwv-6774
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34103, GHSA-f7q4-9gwv-6774
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rv3b-5ja1-dkdv
31
url VCID-tk7j-4vsm-e7c6
vulnerability_id VCID-tk7j-4vsm-e7c6
summary 
Magento vulnerable to privilege escalation due to incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54267
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20459
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54267
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb25-94.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/
url https://helpx.adobe.com/security/products/magento/apsb25-94.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54267
reference_id CVE-2025-54267
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54267
4
reference_url https://github.com/advisories/GHSA-qvwr-p3hj-j6jf
reference_id GHSA-qvwr-p3hj-j6jf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qvwr-p3hj-j6jf
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.6-p13
purl pkg:composer/magento/community-edition@2.4.6-p13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13
1
url pkg:composer/magento/community-edition@2.4.7-p8
purl pkg:composer/magento/community-edition@2.4.7-p8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8
2
url pkg:composer/magento/community-edition@2.4.8-p3
purl pkg:composer/magento/community-edition@2.4.8-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3
3
url pkg:composer/magento/community-edition@2.4.9-alpha3
purl pkg:composer/magento/community-edition@2.4.9-alpha3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3
aliases CVE-2025-54267, GHSA-qvwr-p3hj-j6jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk7j-4vsm-e7c6
32
url VCID-u3gt-rhgh-p7ax
vulnerability_id VCID-u3gt-rhgh-p7ax
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39403
reference_id
reference_type
scores
0
value 0.02812
scoring_system epss
scoring_elements 0.86389
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39403
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:14Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39403
reference_id CVE-2024-39403
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39403
4
reference_url https://github.com/advisories/GHSA-mmp7-8cg4-9wrg
reference_id GHSA-mmp7-8cg4-9wrg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mmp7-8cg4-9wrg
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39403, GHSA-mmp7-8cg4-9wrg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3gt-rhgh-p7ax
33
url VCID-v7ru-7kga-2bet
vulnerability_id VCID-v7ru-7kga-2bet
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39408
reference_id
reference_type
scores
0
value 0.00515
scoring_system epss
scoring_elements 0.66912
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39408
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39408
reference_id CVE-2024-39408
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39408
4
reference_url https://github.com/advisories/GHSA-4cj6-f32v-6hgx
reference_id GHSA-4cj6-f32v-6hgx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4cj6-f32v-6hgx
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
3
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39408, GHSA-4cj6-f32v-6hgx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7ru-7kga-2bet
34
url VCID-vvzs-mjes-e3eq
vulnerability_id VCID-vvzs-mjes-e3eq
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39417
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.54108
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39417
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39417
reference_id CVE-2024-39417
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39417
4
reference_url https://github.com/advisories/GHSA-4xmj-f664-hv98
reference_id GHSA-4xmj-f664-hv98
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4xmj-f664-hv98
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39417, GHSA-4xmj-f664-hv98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vvzs-mjes-e3eq
35
url VCID-whzv-vgev-rqd4
vulnerability_id VCID-whzv-vgev-rqd4
summary 
Magento Open Source allows Cross-Site Scripting (XSS)
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-20719
reference_id
reference_type
scores
0
value 0.01149
scoring_system epss
scoring_elements 0.78796
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-20719
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T05:00:29Z/
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20719
reference_id CVE-2024-20719
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-20719
4
reference_url https://github.com/advisories/GHSA-264g-f7v8-q5qq
reference_id GHSA-264g-f7v8-q5qq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-264g-f7v8-q5qq
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3hcd-r9gs-cfgh
4
vulnerability VCID-4w8w-6563-3kfb
5
vulnerability VCID-5bn1-w5sa-ubft
6
vulnerability VCID-6srg-smmw-hycj
7
vulnerability VCID-94sc-9fyk-2uay
8
vulnerability VCID-9gte-ub5c-mqas
9
vulnerability VCID-a2mn-k8qn-j7c9
10
vulnerability VCID-ctr3-kt63-hybf
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-enwr-t7r8-xyge
13
vulnerability VCID-euam-6b48-suhg
14
vulnerability VCID-f5jj-23tj-wkbu
15
vulnerability VCID-f6vc-8z9a-cqej
16
vulnerability VCID-ft2p-3a61-wudj
17
vulnerability VCID-gf2z-99wt-3qcg
18
vulnerability VCID-hbre-ty72-g7gy
19
vulnerability VCID-hcbc-9c78-yye6
20
vulnerability VCID-hwb9-yxzn-zub5
21
vulnerability VCID-k55s-dcep-mbbk
22
vulnerability VCID-mgxx-zdm4-9fe7
23
vulnerability VCID-ntcr-n7fp-j3ab
24
vulnerability VCID-pqpk-dh2p-4yc8
25
vulnerability VCID-qxz4-rh86-cfcu
26
vulnerability VCID-rgfy-hqz1-zyb4
27
vulnerability VCID-rv3b-5ja1-dkdv
28
vulnerability VCID-tk7j-4vsm-e7c6
29
vulnerability VCID-u3gt-rhgh-p7ax
30
vulnerability VCID-v7ru-7kga-2bet
31
vulnerability VCID-vvzs-mjes-e3eq
32
vulnerability VCID-xm9z-aqhf-uqft
33
vulnerability VCID-y9ew-ydqv-4kbf
34
vulnerability VCID-z8qf-cqwg-zkan
35
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
1
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-1yj1-79jb-wyht
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3sn5-689e-cbhk
9
vulnerability VCID-3v4v-ysx5-77gs
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4w8w-6563-3kfb
13
vulnerability VCID-5bn1-w5sa-ubft
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-6srg-smmw-hycj
20
vulnerability VCID-7dbc-v42e-j7d6
21
vulnerability VCID-7dzy-1fxw-xfes
22
vulnerability VCID-8crc-kmpq-63bd
23
vulnerability VCID-94sc-9fyk-2uay
24
vulnerability VCID-96gx-zvab-yyhe
25
vulnerability VCID-9rdk-3631-eqcw
26
vulnerability VCID-a2mn-k8qn-j7c9
27
vulnerability VCID-ac6e-denb-w7hy
28
vulnerability VCID-ctr3-kt63-hybf
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-enwr-t7r8-xyge
33
vulnerability VCID-euam-6b48-suhg
34
vulnerability VCID-ewjp-uxup-gqex
35
vulnerability VCID-f5jj-23tj-wkbu
36
vulnerability VCID-f6vc-8z9a-cqej
37
vulnerability VCID-ft2p-3a61-wudj
38
vulnerability VCID-gdh1-vff1-cfc2
39
vulnerability VCID-gf2z-99wt-3qcg
40
vulnerability VCID-hcbc-9c78-yye6
41
vulnerability VCID-hwb9-yxzn-zub5
42
vulnerability VCID-jbs3-xb4d-j3gz
43
vulnerability VCID-jbzd-yjne-6ucr
44
vulnerability VCID-jehy-k235-4ua9
45
vulnerability VCID-jnsk-z1qy-8uh7
46
vulnerability VCID-k55s-dcep-mbbk
47
vulnerability VCID-khdx-kb5m-qyd7
48
vulnerability VCID-kumb-xzbe-5fb3
49
vulnerability VCID-mcuv-294k-5qc4
50
vulnerability VCID-mgxx-zdm4-9fe7
51
vulnerability VCID-mwg1-4tbg-53cg
52
vulnerability VCID-ntcr-n7fp-j3ab
53
vulnerability VCID-p84d-d8gt-ukck
54
vulnerability VCID-pqpk-dh2p-4yc8
55
vulnerability VCID-qsq4-2nz1-p7hu
56
vulnerability VCID-qxz4-rh86-cfcu
57
vulnerability VCID-rgfy-hqz1-zyb4
58
vulnerability VCID-rhp2-bwp6-k3d4
59
vulnerability VCID-rv3b-5ja1-dkdv
60
vulnerability VCID-t1ba-h3yd-yydc
61
vulnerability VCID-t5m6-39fh-zfhg
62
vulnerability VCID-tn7z-sztq-hbax
63
vulnerability VCID-u3gt-rhgh-p7ax
64
vulnerability VCID-v7r7-xtq1-gug6
65
vulnerability VCID-v7ru-7kga-2bet
66
vulnerability VCID-vthq-tuqs-5fg9
67
vulnerability VCID-vvzs-mjes-e3eq
68
vulnerability VCID-wdvt-5z3a-5bc2
69
vulnerability VCID-xde9-dz52-1fgp
70
vulnerability VCID-xm9z-aqhf-uqft
71
vulnerability VCID-y9ew-ydqv-4kbf
72
vulnerability VCID-yh52-jggb-jfgx
73
vulnerability VCID-z8qf-cqwg-zkan
74
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-20719, GHSA-264g-f7v8-q5qq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-whzv-vgev-rqd4
36
url VCID-xm9z-aqhf-uqft
vulnerability_id VCID-xm9z-aqhf-uqft
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39412
reference_id
reference_type
scores
0
value 0.00269
scoring_system epss
scoring_elements 0.50493
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39412
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39412
reference_id CVE-2024-39412
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39412
4
reference_url https://github.com/advisories/GHSA-7472-vw39-g2j3
reference_id GHSA-7472-vw39-g2j3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7472-vw39-g2j3
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
3
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39412, GHSA-7472-vw39-g2j3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xm9z-aqhf-uqft
37
url VCID-y9ew-ydqv-4kbf
vulnerability_id VCID-y9ew-ydqv-4kbf
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39414
reference_id
reference_type
scores
0
value 0.0032
scoring_system epss
scoring_elements 0.55283
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39414
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb24-61.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/
url https://helpx.adobe.com/security/products/magento/apsb24-61.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39414
reference_id CVE-2024-39414
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39414
4
reference_url https://github.com/advisories/GHSA-x6f9-hv9r-fgq4
reference_id GHSA-x6f9-hv9r-fgq4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x6f9-hv9r-fgq4
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p9
purl pkg:composer/magento/community-edition@2.4.5-p9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2495-ugn7-v7fk
1
vulnerability VCID-9gte-ub5c-mqas
2
vulnerability VCID-d372-f5hu-1bhr
3
vulnerability VCID-hbre-ty72-g7gy
4
vulnerability VCID-tk7j-4vsm-e7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9
1
url pkg:composer/magento/community-edition@2.4.6-p7
purl pkg:composer/magento/community-edition@2.4.6-p7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-27w8-khpp-c7hk
3
vulnerability VCID-29fa-krur-qqbv
4
vulnerability VCID-2eq5-hm5y-f3f4
5
vulnerability VCID-3sn5-689e-cbhk
6
vulnerability VCID-3v4v-ysx5-77gs
7
vulnerability VCID-3wnx-e9kp-fkg7
8
vulnerability VCID-46mz-swkk-suhn
9
vulnerability VCID-5du3-fvj3-87h7
10
vulnerability VCID-5fmh-e4j7-nbcf
11
vulnerability VCID-5tkb-ngcw-t7ap
12
vulnerability VCID-6g84-aswq-5kfb
13
vulnerability VCID-6mxj-tzme-zyhb
14
vulnerability VCID-7dbc-v42e-j7d6
15
vulnerability VCID-7dzy-1fxw-xfes
16
vulnerability VCID-8crc-kmpq-63bd
17
vulnerability VCID-96gx-zvab-yyhe
18
vulnerability VCID-9rdk-3631-eqcw
19
vulnerability VCID-ac6e-denb-w7hy
20
vulnerability VCID-d6u8-dhmd-x3ed
21
vulnerability VCID-dqfx-d99q-jyd1
22
vulnerability VCID-ekn2-uahd-4qgw
23
vulnerability VCID-ewjp-uxup-gqex
24
vulnerability VCID-gdh1-vff1-cfc2
25
vulnerability VCID-jbs3-xb4d-j3gz
26
vulnerability VCID-jbzd-yjne-6ucr
27
vulnerability VCID-jehy-k235-4ua9
28
vulnerability VCID-jnsk-z1qy-8uh7
29
vulnerability VCID-khdx-kb5m-qyd7
30
vulnerability VCID-kumb-xzbe-5fb3
31
vulnerability VCID-mcuv-294k-5qc4
32
vulnerability VCID-mwg1-4tbg-53cg
33
vulnerability VCID-p84d-d8gt-ukck
34
vulnerability VCID-qsq4-2nz1-p7hu
35
vulnerability VCID-rhp2-bwp6-k3d4
36
vulnerability VCID-t1ba-h3yd-yydc
37
vulnerability VCID-t5m6-39fh-zfhg
38
vulnerability VCID-tn7z-sztq-hbax
39
vulnerability VCID-v7r7-xtq1-gug6
40
vulnerability VCID-vthq-tuqs-5fg9
41
vulnerability VCID-wdvt-5z3a-5bc2
42
vulnerability VCID-xde9-dz52-1fgp
43
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7
2
url pkg:composer/magento/community-edition@2.4.7-p2
purl pkg:composer/magento/community-edition@2.4.7-p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3jns-w9p4-jyca
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3vpy-uswf-5ugc
10
vulnerability VCID-3wnx-e9kp-fkg7
11
vulnerability VCID-46mz-swkk-suhn
12
vulnerability VCID-4kg3-wkw1-vqhy
13
vulnerability VCID-53d5-qzm4-vfgs
14
vulnerability VCID-5du3-fvj3-87h7
15
vulnerability VCID-5fmh-e4j7-nbcf
16
vulnerability VCID-5tkb-ngcw-t7ap
17
vulnerability VCID-6g84-aswq-5kfb
18
vulnerability VCID-6mxj-tzme-zyhb
19
vulnerability VCID-7dbc-v42e-j7d6
20
vulnerability VCID-7dzy-1fxw-xfes
21
vulnerability VCID-8crc-kmpq-63bd
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9gte-ub5c-mqas
24
vulnerability VCID-9rdk-3631-eqcw
25
vulnerability VCID-a9hc-nhv2-7ubx
26
vulnerability VCID-ac6e-denb-w7hy
27
vulnerability VCID-annu-j9a3-xkhs
28
vulnerability VCID-d372-f5hu-1bhr
29
vulnerability VCID-d6u8-dhmd-x3ed
30
vulnerability VCID-dqfx-d99q-jyd1
31
vulnerability VCID-ekn2-uahd-4qgw
32
vulnerability VCID-epeq-fvse-xudw
33
vulnerability VCID-ewjp-uxup-gqex
34
vulnerability VCID-gdh1-vff1-cfc2
35
vulnerability VCID-gyd8-hu6s-wkgt
36
vulnerability VCID-hbre-ty72-g7gy
37
vulnerability VCID-jbs3-xb4d-j3gz
38
vulnerability VCID-jbzd-yjne-6ucr
39
vulnerability VCID-jehy-k235-4ua9
40
vulnerability VCID-jnsk-z1qy-8uh7
41
vulnerability VCID-khdx-kb5m-qyd7
42
vulnerability VCID-kumb-xzbe-5fb3
43
vulnerability VCID-mcuv-294k-5qc4
44
vulnerability VCID-mgk4-9tan-a7fj
45
vulnerability VCID-mwg1-4tbg-53cg
46
vulnerability VCID-p84d-d8gt-ukck
47
vulnerability VCID-qsq4-2nz1-p7hu
48
vulnerability VCID-rhp2-bwp6-k3d4
49
vulnerability VCID-t1ba-h3yd-yydc
50
vulnerability VCID-t5m6-39fh-zfhg
51
vulnerability VCID-tk7j-4vsm-e7c6
52
vulnerability VCID-tn7z-sztq-hbax
53
vulnerability VCID-uv6e-ctrt-eycw
54
vulnerability VCID-v7r7-xtq1-gug6
55
vulnerability VCID-vjad-xkj2-nygh
56
vulnerability VCID-vthq-tuqs-5fg9
57
vulnerability VCID-wdvt-5z3a-5bc2
58
vulnerability VCID-weqh-3ye3-nbbp
59
vulnerability VCID-xde9-dz52-1fgp
60
vulnerability VCID-yh52-jggb-jfgx
61
vulnerability VCID-yjgp-6ntk-xbc3
62
vulnerability VCID-yzdu-4cnk-5uft
63
vulnerability VCID-zacs-wg6m-qyg4
64
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2
aliases CVE-2024-39414, GHSA-x6f9-hv9r-fgq4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9ew-ydqv-4kbf
38
url VCID-z8qf-cqwg-zkan
vulnerability_id VCID-z8qf-cqwg-zkan
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34102
reference_id
reference_type
scores
0
value 0.94149
scoring_system epss
scoring_elements 0.99919
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34102
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/
url https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34102
reference_id CVE-2024-34102
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34102
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml
reference_id CVE-2024-34102.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml
10
reference_url https://github.com/advisories/GHSA-m8cj-3v68-3cxj
reference_id GHSA-m8cj-3v68-3cxj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m8cj-3v68-3cxj
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34102, GHSA-m8cj-3v68-3cxj
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qf-cqwg-zkan
39
url VCID-zwsv-4q8h-x3e7
vulnerability_id VCID-zwsv-4q8h-x3e7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34111
reference_id
reference_type
scores
0
value 0.00759
scoring_system epss
scoring_elements 0.73625
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34111
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799
3
reference_url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2
4
reference_url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c
5
reference_url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482
6
reference_url https://helpx.adobe.com/security/products/magento/apsb24-40.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/
url https://helpx.adobe.com/security/products/magento/apsb24-40.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34111
reference_id CVE-2024-34111
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34111
8
reference_url https://github.com/advisories/GHSA-jmqp-r3gg-6jh3
reference_id GHSA-jmqp-r3gg-6jh3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jmqp-r3gg-6jh3
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.5-p8
purl pkg:composer/magento/community-edition@2.4.5-p8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wxk-rhfp-qqgp
1
vulnerability VCID-2495-ugn7-v7fk
2
vulnerability VCID-3hcd-r9gs-cfgh
3
vulnerability VCID-4w8w-6563-3kfb
4
vulnerability VCID-5bn1-w5sa-ubft
5
vulnerability VCID-94sc-9fyk-2uay
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a2mn-k8qn-j7c9
8
vulnerability VCID-ctr3-kt63-hybf
9
vulnerability VCID-d372-f5hu-1bhr
10
vulnerability VCID-enwr-t7r8-xyge
11
vulnerability VCID-euam-6b48-suhg
12
vulnerability VCID-f5jj-23tj-wkbu
13
vulnerability VCID-f6vc-8z9a-cqej
14
vulnerability VCID-ft2p-3a61-wudj
15
vulnerability VCID-gf2z-99wt-3qcg
16
vulnerability VCID-hbre-ty72-g7gy
17
vulnerability VCID-hcbc-9c78-yye6
18
vulnerability VCID-ntcr-n7fp-j3ab
19
vulnerability VCID-qxz4-rh86-cfcu
20
vulnerability VCID-rgfy-hqz1-zyb4
21
vulnerability VCID-tk7j-4vsm-e7c6
22
vulnerability VCID-u3gt-rhgh-p7ax
23
vulnerability VCID-v7ru-7kga-2bet
24
vulnerability VCID-vvzs-mjes-e3eq
25
vulnerability VCID-xm9z-aqhf-uqft
26
vulnerability VCID-y9ew-ydqv-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8
1
url pkg:composer/magento/community-edition@2.4.6-p6
purl pkg:composer/magento/community-edition@2.4.6-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-27w8-khpp-c7hk
4
vulnerability VCID-29fa-krur-qqbv
5
vulnerability VCID-2eq5-hm5y-f3f4
6
vulnerability VCID-3hcd-r9gs-cfgh
7
vulnerability VCID-3sn5-689e-cbhk
8
vulnerability VCID-3v4v-ysx5-77gs
9
vulnerability VCID-3wnx-e9kp-fkg7
10
vulnerability VCID-46mz-swkk-suhn
11
vulnerability VCID-4w8w-6563-3kfb
12
vulnerability VCID-5bn1-w5sa-ubft
13
vulnerability VCID-5du3-fvj3-87h7
14
vulnerability VCID-5fmh-e4j7-nbcf
15
vulnerability VCID-5tkb-ngcw-t7ap
16
vulnerability VCID-6g84-aswq-5kfb
17
vulnerability VCID-6mxj-tzme-zyhb
18
vulnerability VCID-7dbc-v42e-j7d6
19
vulnerability VCID-7dzy-1fxw-xfes
20
vulnerability VCID-8crc-kmpq-63bd
21
vulnerability VCID-94sc-9fyk-2uay
22
vulnerability VCID-96gx-zvab-yyhe
23
vulnerability VCID-9rdk-3631-eqcw
24
vulnerability VCID-a2mn-k8qn-j7c9
25
vulnerability VCID-ac6e-denb-w7hy
26
vulnerability VCID-ctr3-kt63-hybf
27
vulnerability VCID-d6u8-dhmd-x3ed
28
vulnerability VCID-dqfx-d99q-jyd1
29
vulnerability VCID-ekn2-uahd-4qgw
30
vulnerability VCID-enwr-t7r8-xyge
31
vulnerability VCID-euam-6b48-suhg
32
vulnerability VCID-ewjp-uxup-gqex
33
vulnerability VCID-f5jj-23tj-wkbu
34
vulnerability VCID-f6vc-8z9a-cqej
35
vulnerability VCID-ft2p-3a61-wudj
36
vulnerability VCID-gdh1-vff1-cfc2
37
vulnerability VCID-gf2z-99wt-3qcg
38
vulnerability VCID-hcbc-9c78-yye6
39
vulnerability VCID-jbs3-xb4d-j3gz
40
vulnerability VCID-jbzd-yjne-6ucr
41
vulnerability VCID-jehy-k235-4ua9
42
vulnerability VCID-jnsk-z1qy-8uh7
43
vulnerability VCID-khdx-kb5m-qyd7
44
vulnerability VCID-kumb-xzbe-5fb3
45
vulnerability VCID-mcuv-294k-5qc4
46
vulnerability VCID-mwg1-4tbg-53cg
47
vulnerability VCID-ntcr-n7fp-j3ab
48
vulnerability VCID-p84d-d8gt-ukck
49
vulnerability VCID-qsq4-2nz1-p7hu
50
vulnerability VCID-qxz4-rh86-cfcu
51
vulnerability VCID-rgfy-hqz1-zyb4
52
vulnerability VCID-rhp2-bwp6-k3d4
53
vulnerability VCID-t1ba-h3yd-yydc
54
vulnerability VCID-t5m6-39fh-zfhg
55
vulnerability VCID-tn7z-sztq-hbax
56
vulnerability VCID-u3gt-rhgh-p7ax
57
vulnerability VCID-v7r7-xtq1-gug6
58
vulnerability VCID-v7ru-7kga-2bet
59
vulnerability VCID-vthq-tuqs-5fg9
60
vulnerability VCID-vvzs-mjes-e3eq
61
vulnerability VCID-wdvt-5z3a-5bc2
62
vulnerability VCID-xde9-dz52-1fgp
63
vulnerability VCID-xm9z-aqhf-uqft
64
vulnerability VCID-y9ew-ydqv-4kbf
65
vulnerability VCID-yh52-jggb-jfgx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6
2
url pkg:composer/magento/community-edition@2.4.7-beta1
purl pkg:composer/magento/community-edition@2.4.7-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3tpy-wktb-wqdj
11
vulnerability VCID-3v4v-ysx5-77gs
12
vulnerability VCID-3vpy-uswf-5ugc
13
vulnerability VCID-3wnx-e9kp-fkg7
14
vulnerability VCID-46mz-swkk-suhn
15
vulnerability VCID-4kg3-wkw1-vqhy
16
vulnerability VCID-4w8w-6563-3kfb
17
vulnerability VCID-53d5-qzm4-vfgs
18
vulnerability VCID-5bn1-w5sa-ubft
19
vulnerability VCID-5du3-fvj3-87h7
20
vulnerability VCID-5fmh-e4j7-nbcf
21
vulnerability VCID-5tkb-ngcw-t7ap
22
vulnerability VCID-6g84-aswq-5kfb
23
vulnerability VCID-6mxj-tzme-zyhb
24
vulnerability VCID-7dbc-v42e-j7d6
25
vulnerability VCID-7dzy-1fxw-xfes
26
vulnerability VCID-8crc-kmpq-63bd
27
vulnerability VCID-94sc-9fyk-2uay
28
vulnerability VCID-96gx-zvab-yyhe
29
vulnerability VCID-9gte-ub5c-mqas
30
vulnerability VCID-9rdk-3631-eqcw
31
vulnerability VCID-a2mn-k8qn-j7c9
32
vulnerability VCID-a9hc-nhv2-7ubx
33
vulnerability VCID-ac6e-denb-w7hy
34
vulnerability VCID-annu-j9a3-xkhs
35
vulnerability VCID-bm3p-s43s-uuce
36
vulnerability VCID-ctr3-kt63-hybf
37
vulnerability VCID-d372-f5hu-1bhr
38
vulnerability VCID-d6u8-dhmd-x3ed
39
vulnerability VCID-dqfx-d99q-jyd1
40
vulnerability VCID-ekn2-uahd-4qgw
41
vulnerability VCID-enwr-t7r8-xyge
42
vulnerability VCID-eu82-bgnu-rue2
43
vulnerability VCID-euam-6b48-suhg
44
vulnerability VCID-ewjp-uxup-gqex
45
vulnerability VCID-f6vc-8z9a-cqej
46
vulnerability VCID-gdh1-vff1-cfc2
47
vulnerability VCID-gkb3-ddu2-qyg6
48
vulnerability VCID-gyd8-hu6s-wkgt
49
vulnerability VCID-hbre-ty72-g7gy
50
vulnerability VCID-hcbc-9c78-yye6
51
vulnerability VCID-hwb9-yxzn-zub5
52
vulnerability VCID-jbs3-xb4d-j3gz
53
vulnerability VCID-jbzd-yjne-6ucr
54
vulnerability VCID-jede-wz7z-2ugt
55
vulnerability VCID-jehy-k235-4ua9
56
vulnerability VCID-jg5k-6vqh-57ey
57
vulnerability VCID-jnsk-z1qy-8uh7
58
vulnerability VCID-khdx-kb5m-qyd7
59
vulnerability VCID-kumb-xzbe-5fb3
60
vulnerability VCID-mcuv-294k-5qc4
61
vulnerability VCID-mgk4-9tan-a7fj
62
vulnerability VCID-mwg1-4tbg-53cg
63
vulnerability VCID-ntcr-n7fp-j3ab
64
vulnerability VCID-p84d-d8gt-ukck
65
vulnerability VCID-pqpk-dh2p-4yc8
66
vulnerability VCID-qsq4-2nz1-p7hu
67
vulnerability VCID-qxz4-rh86-cfcu
68
vulnerability VCID-rgfy-hqz1-zyb4
69
vulnerability VCID-rhp2-bwp6-k3d4
70
vulnerability VCID-t1ba-h3yd-yydc
71
vulnerability VCID-t5m6-39fh-zfhg
72
vulnerability VCID-tk7j-4vsm-e7c6
73
vulnerability VCID-tn7z-sztq-hbax
74
vulnerability VCID-u3gt-rhgh-p7ax
75
vulnerability VCID-ueg1-1xj3-aqcq
76
vulnerability VCID-v7r7-xtq1-gug6
77
vulnerability VCID-vjad-xkj2-nygh
78
vulnerability VCID-vt4j-zfwn-m3cd
79
vulnerability VCID-vthq-tuqs-5fg9
80
vulnerability VCID-vvzs-mjes-e3eq
81
vulnerability VCID-wdvt-5z3a-5bc2
82
vulnerability VCID-weqh-3ye3-nbbp
83
vulnerability VCID-xde9-dz52-1fgp
84
vulnerability VCID-y9ew-ydqv-4kbf
85
vulnerability VCID-yh52-jggb-jfgx
86
vulnerability VCID-yjgp-6ntk-xbc3
87
vulnerability VCID-ypqs-5ju2-hkcz
88
vulnerability VCID-yzdu-4cnk-5uft
89
vulnerability VCID-zacs-wg6m-qyg4
90
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1
aliases CVE-2024-34111, GHSA-jmqp-r3gg-6jh3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwsv-4q8h-x3e7
Fixing_vulnerabilities
0
url VCID-3tpy-wktb-wqdj
vulnerability_id VCID-3tpy-wktb-wqdj
summary 
Magento Open Source allows Server-Side Request Forgery (SSRF)
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26366
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.58093
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26366
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:49:13Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26366
reference_id CVE-2023-26366
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value 5.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26366
4
reference_url https://github.com/advisories/GHSA-8jxc-5f94-22vh
reference_id GHSA-8jxc-5f94-22vh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jxc-5f94-22vh
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-26366, GHSA-8jxc-5f94-22vh
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tpy-wktb-wqdj
1
url VCID-bm3p-s43s-uuce
vulnerability_id VCID-bm3p-s43s-uuce
summary 
Magento Open Source allows Cross-Site Scripting (XSS)
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38219
reference_id
reference_type
scores
0
value 0.0152
scoring_system epss
scoring_elements 0.81552
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38219
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:49:34Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38219
reference_id CVE-2023-38219
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38219
4
reference_url https://github.com/advisories/GHSA-3j7w-jp46-9752
reference_id GHSA-3j7w-jp46-9752
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3j7w-jp46-9752
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38219, GHSA-3j7w-jp46-9752
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bm3p-s43s-uuce
2
url VCID-eu82-bgnu-rue2
vulnerability_id VCID-eu82-bgnu-rue2
summary 
Magento Open Source allows Incorrect Authorization
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38218
reference_id
reference_type
scores
0
value 0.00692
scoring_system epss
scoring_elements 0.72167
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38218
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38218
reference_id CVE-2023-38218
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38218
4
reference_url https://github.com/advisories/GHSA-rpc7-gf58-v3x2
reference_id GHSA-rpc7-gf58-v3x2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rpc7-gf58-v3x2
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38218, GHSA-rpc7-gf58-v3x2
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu82-bgnu-rue2
3
url VCID-gkb3-ddu2-qyg6
vulnerability_id VCID-gkb3-ddu2-qyg6
summary 
Magento Open Source allows Uncontrolled Resource Consumption
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Uncontrolled Resource Consumption vulnerability that could lead into a minor application denial-of-service. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38251
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46059
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38251
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:50:04Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38251
reference_id CVE-2023-38251
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38251
4
reference_url https://github.com/advisories/GHSA-7pfc-834q-h497
reference_id GHSA-7pfc-834q-h497
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7pfc-834q-h497
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38251, GHSA-7pfc-834q-h497
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkb3-ddu2-qyg6
4
url VCID-jede-wz7z-2ugt
vulnerability_id VCID-jede-wz7z-2ugt
summary 
Magento Open Source has Improper Input Validation Vulnerability
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26367
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58651
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26367
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:49:12Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26367
reference_id CVE-2023-26367
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26367
4
reference_url https://github.com/advisories/GHSA-9mx6-4gg4-85xj
reference_id GHSA-9mx6-4gg4-85xj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9mx6-4gg4-85xj
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-26367, GHSA-9mx6-4gg4-85xj
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jede-wz7z-2ugt
5
url VCID-jg5k-6vqh-57ey
vulnerability_id VCID-jg5k-6vqh-57ey
summary 
Magento Open Source allows SQL Injection
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38249
reference_id
reference_type
scores
0
value 0.01841
scoring_system epss
scoring_elements 0.83283
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38249
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:49:36Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38249
reference_id CVE-2023-38249
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38249
4
reference_url https://github.com/advisories/GHSA-rq36-9f5f-2gw7
reference_id GHSA-rq36-9f5f-2gw7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rq36-9f5f-2gw7
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38249, GHSA-rq36-9f5f-2gw7
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg5k-6vqh-57ey
6
url VCID-ueg1-1xj3-aqcq
vulnerability_id VCID-ueg1-1xj3-aqcq
summary 
Magento Open Source allows SQL Injection
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38221
reference_id
reference_type
scores
0
value 0.01841
scoring_system epss
scoring_elements 0.83283
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38221
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:49:37Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38221
reference_id CVE-2023-38221
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38221
4
reference_url https://github.com/advisories/GHSA-ggr8-3hwx-4f2m
reference_id GHSA-ggr8-3hwx-4f2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ggr8-3hwx-4f2m
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38221, GHSA-ggr8-3hwx-4f2m
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueg1-1xj3-aqcq
7
url VCID-vt4j-zfwn-m3cd
vulnerability_id VCID-vt4j-zfwn-m3cd
summary 
Magento Open Source allows Improper Authorization
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised data. Exploitation of this issue does not require user interaction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38220
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.35687
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38220
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:50:06Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38220
reference_id CVE-2023-38220
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38220
4
reference_url https://github.com/advisories/GHSA-grc6-r6f8-xj7c
reference_id GHSA-grc6-r6f8-xj7c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-grc6-r6f8-xj7c
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38220, GHSA-grc6-r6f8-xj7c
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vt4j-zfwn-m3cd
8
url VCID-ypqs-5ju2-hkcz
vulnerability_id VCID-ypqs-5ju2-hkcz
summary 
Magento Open Source allows SQL Injection
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38250
reference_id
reference_type
scores
0
value 0.01841
scoring_system epss
scoring_elements 0.83283
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38250
1
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/magento/magento2
2
reference_url https://helpx.adobe.com/security/products/magento/apsb23-50.html
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:49:35Z/
url https://helpx.adobe.com/security/products/magento/apsb23-50.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38250
reference_id CVE-2023-38250
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38250
4
reference_url https://github.com/advisories/GHSA-h3g9-cwr6-hphx
reference_id GHSA-h3g9-cwr6-hphx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h3g9-cwr6-hphx
fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p6
purl pkg:composer/magento/community-edition@2.4.4-p6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1yj1-79jb-wyht
2
vulnerability VCID-2495-ugn7-v7fk
3
vulnerability VCID-3jns-w9p4-jyca
4
vulnerability VCID-53d5-qzm4-vfgs
5
vulnerability VCID-6srg-smmw-hycj
6
vulnerability VCID-9gte-ub5c-mqas
7
vulnerability VCID-a9hc-nhv2-7ubx
8
vulnerability VCID-annu-j9a3-xkhs
9
vulnerability VCID-c7rf-4ky3-tyev
10
vulnerability VCID-ca94-mqq1-jyaz
11
vulnerability VCID-d372-f5hu-1bhr
12
vulnerability VCID-gyd8-hu6s-wkgt
13
vulnerability VCID-hbre-ty72-g7gy
14
vulnerability VCID-hwb9-yxzn-zub5
15
vulnerability VCID-k55s-dcep-mbbk
16
vulnerability VCID-mgk4-9tan-a7fj
17
vulnerability VCID-mgxx-zdm4-9fe7
18
vulnerability VCID-pqpk-dh2p-4yc8
19
vulnerability VCID-rv3b-5ja1-dkdv
20
vulnerability VCID-tk7j-4vsm-e7c6
21
vulnerability VCID-vjad-xkj2-nygh
22
vulnerability VCID-weqh-3ye3-nbbp
23
vulnerability VCID-whzv-vgev-rqd4
24
vulnerability VCID-yjgp-6ntk-xbc3
25
vulnerability VCID-yzdu-4cnk-5uft
26
vulnerability VCID-z8qf-cqwg-zkan
27
vulnerability VCID-zgzb-haur-s7aq
28
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p6
1
url pkg:composer/magento/community-edition@2.4.5-p5
purl pkg:composer/magento/community-edition@2.4.5-p5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16x4-fjuv-hbc4
1
vulnerability VCID-1wxk-rhfp-qqgp
2
vulnerability VCID-1yj1-79jb-wyht
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-3hcd-r9gs-cfgh
5
vulnerability VCID-4w8w-6563-3kfb
6
vulnerability VCID-5bn1-w5sa-ubft
7
vulnerability VCID-6srg-smmw-hycj
8
vulnerability VCID-94sc-9fyk-2uay
9
vulnerability VCID-9gte-ub5c-mqas
10
vulnerability VCID-a2mn-k8qn-j7c9
11
vulnerability VCID-c7rf-4ky3-tyev
12
vulnerability VCID-ca94-mqq1-jyaz
13
vulnerability VCID-ctr3-kt63-hybf
14
vulnerability VCID-d372-f5hu-1bhr
15
vulnerability VCID-enwr-t7r8-xyge
16
vulnerability VCID-euam-6b48-suhg
17
vulnerability VCID-f5jj-23tj-wkbu
18
vulnerability VCID-f6vc-8z9a-cqej
19
vulnerability VCID-ft2p-3a61-wudj
20
vulnerability VCID-gf2z-99wt-3qcg
21
vulnerability VCID-hbre-ty72-g7gy
22
vulnerability VCID-hcbc-9c78-yye6
23
vulnerability VCID-hwb9-yxzn-zub5
24
vulnerability VCID-k55s-dcep-mbbk
25
vulnerability VCID-mgxx-zdm4-9fe7
26
vulnerability VCID-ntcr-n7fp-j3ab
27
vulnerability VCID-pqpk-dh2p-4yc8
28
vulnerability VCID-qxz4-rh86-cfcu
29
vulnerability VCID-rgfy-hqz1-zyb4
30
vulnerability VCID-rv3b-5ja1-dkdv
31
vulnerability VCID-tk7j-4vsm-e7c6
32
vulnerability VCID-u3gt-rhgh-p7ax
33
vulnerability VCID-v7ru-7kga-2bet
34
vulnerability VCID-vvzs-mjes-e3eq
35
vulnerability VCID-whzv-vgev-rqd4
36
vulnerability VCID-xm9z-aqhf-uqft
37
vulnerability VCID-y9ew-ydqv-4kbf
38
vulnerability VCID-z8qf-cqwg-zkan
39
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5
2
url pkg:composer/magento/community-edition@2.4.6-p3
purl pkg:composer/magento/community-edition@2.4.6-p3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-16x4-fjuv-hbc4
2
vulnerability VCID-17xq-rhcp-z3hj
3
vulnerability VCID-1wxk-rhfp-qqgp
4
vulnerability VCID-1yj1-79jb-wyht
5
vulnerability VCID-27w8-khpp-c7hk
6
vulnerability VCID-29fa-krur-qqbv
7
vulnerability VCID-2eq5-hm5y-f3f4
8
vulnerability VCID-3hcd-r9gs-cfgh
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3wnx-e9kp-fkg7
12
vulnerability VCID-46mz-swkk-suhn
13
vulnerability VCID-4w8w-6563-3kfb
14
vulnerability VCID-5bn1-w5sa-ubft
15
vulnerability VCID-5du3-fvj3-87h7
16
vulnerability VCID-5fmh-e4j7-nbcf
17
vulnerability VCID-5tkb-ngcw-t7ap
18
vulnerability VCID-6g84-aswq-5kfb
19
vulnerability VCID-6mxj-tzme-zyhb
20
vulnerability VCID-6srg-smmw-hycj
21
vulnerability VCID-7dbc-v42e-j7d6
22
vulnerability VCID-7dzy-1fxw-xfes
23
vulnerability VCID-8crc-kmpq-63bd
24
vulnerability VCID-94sc-9fyk-2uay
25
vulnerability VCID-96gx-zvab-yyhe
26
vulnerability VCID-9rdk-3631-eqcw
27
vulnerability VCID-a2mn-k8qn-j7c9
28
vulnerability VCID-ac6e-denb-w7hy
29
vulnerability VCID-c7rf-4ky3-tyev
30
vulnerability VCID-ca94-mqq1-jyaz
31
vulnerability VCID-ctr3-kt63-hybf
32
vulnerability VCID-d6u8-dhmd-x3ed
33
vulnerability VCID-dqfx-d99q-jyd1
34
vulnerability VCID-ekn2-uahd-4qgw
35
vulnerability VCID-enwr-t7r8-xyge
36
vulnerability VCID-euam-6b48-suhg
37
vulnerability VCID-ewjp-uxup-gqex
38
vulnerability VCID-f5jj-23tj-wkbu
39
vulnerability VCID-f6vc-8z9a-cqej
40
vulnerability VCID-ft2p-3a61-wudj
41
vulnerability VCID-gdh1-vff1-cfc2
42
vulnerability VCID-gf2z-99wt-3qcg
43
vulnerability VCID-hcbc-9c78-yye6
44
vulnerability VCID-hwb9-yxzn-zub5
45
vulnerability VCID-jbs3-xb4d-j3gz
46
vulnerability VCID-jbzd-yjne-6ucr
47
vulnerability VCID-jehy-k235-4ua9
48
vulnerability VCID-jnsk-z1qy-8uh7
49
vulnerability VCID-k55s-dcep-mbbk
50
vulnerability VCID-khdx-kb5m-qyd7
51
vulnerability VCID-kumb-xzbe-5fb3
52
vulnerability VCID-mcuv-294k-5qc4
53
vulnerability VCID-mgxx-zdm4-9fe7
54
vulnerability VCID-mwg1-4tbg-53cg
55
vulnerability VCID-ntcr-n7fp-j3ab
56
vulnerability VCID-p84d-d8gt-ukck
57
vulnerability VCID-pqpk-dh2p-4yc8
58
vulnerability VCID-qsq4-2nz1-p7hu
59
vulnerability VCID-qxz4-rh86-cfcu
60
vulnerability VCID-rgfy-hqz1-zyb4
61
vulnerability VCID-rhp2-bwp6-k3d4
62
vulnerability VCID-rv3b-5ja1-dkdv
63
vulnerability VCID-t1ba-h3yd-yydc
64
vulnerability VCID-t5m6-39fh-zfhg
65
vulnerability VCID-tn7z-sztq-hbax
66
vulnerability VCID-u3gt-rhgh-p7ax
67
vulnerability VCID-v7r7-xtq1-gug6
68
vulnerability VCID-v7ru-7kga-2bet
69
vulnerability VCID-vthq-tuqs-5fg9
70
vulnerability VCID-vvzs-mjes-e3eq
71
vulnerability VCID-wdvt-5z3a-5bc2
72
vulnerability VCID-whzv-vgev-rqd4
73
vulnerability VCID-xde9-dz52-1fgp
74
vulnerability VCID-xm9z-aqhf-uqft
75
vulnerability VCID-y9ew-ydqv-4kbf
76
vulnerability VCID-yh52-jggb-jfgx
77
vulnerability VCID-z8qf-cqwg-zkan
78
vulnerability VCID-zwsv-4q8h-x3e7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p3
3
url pkg:composer/magento/community-edition@2.4.7-beta2
purl pkg:composer/magento/community-edition@2.4.7-beta2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11ed-qtc7-bqbg
1
vulnerability VCID-17xq-rhcp-z3hj
2
vulnerability VCID-1wxk-rhfp-qqgp
3
vulnerability VCID-2495-ugn7-v7fk
4
vulnerability VCID-27w8-khpp-c7hk
5
vulnerability VCID-29fa-krur-qqbv
6
vulnerability VCID-2eq5-hm5y-f3f4
7
vulnerability VCID-3hcd-r9gs-cfgh
8
vulnerability VCID-3jns-w9p4-jyca
9
vulnerability VCID-3sn5-689e-cbhk
10
vulnerability VCID-3v4v-ysx5-77gs
11
vulnerability VCID-3vpy-uswf-5ugc
12
vulnerability VCID-3wnx-e9kp-fkg7
13
vulnerability VCID-46mz-swkk-suhn
14
vulnerability VCID-4kg3-wkw1-vqhy
15
vulnerability VCID-4w8w-6563-3kfb
16
vulnerability VCID-53d5-qzm4-vfgs
17
vulnerability VCID-5bn1-w5sa-ubft
18
vulnerability VCID-5du3-fvj3-87h7
19
vulnerability VCID-5fmh-e4j7-nbcf
20
vulnerability VCID-5tkb-ngcw-t7ap
21
vulnerability VCID-6g84-aswq-5kfb
22
vulnerability VCID-6mxj-tzme-zyhb
23
vulnerability VCID-7dbc-v42e-j7d6
24
vulnerability VCID-7dzy-1fxw-xfes
25
vulnerability VCID-8crc-kmpq-63bd
26
vulnerability VCID-94sc-9fyk-2uay
27
vulnerability VCID-96gx-zvab-yyhe
28
vulnerability VCID-9gte-ub5c-mqas
29
vulnerability VCID-9rdk-3631-eqcw
30
vulnerability VCID-a2mn-k8qn-j7c9
31
vulnerability VCID-a9hc-nhv2-7ubx
32
vulnerability VCID-ac6e-denb-w7hy
33
vulnerability VCID-annu-j9a3-xkhs
34
vulnerability VCID-ctr3-kt63-hybf
35
vulnerability VCID-d372-f5hu-1bhr
36
vulnerability VCID-d6u8-dhmd-x3ed
37
vulnerability VCID-dqfx-d99q-jyd1
38
vulnerability VCID-ekn2-uahd-4qgw
39
vulnerability VCID-enwr-t7r8-xyge
40
vulnerability VCID-euam-6b48-suhg
41
vulnerability VCID-ewjp-uxup-gqex
42
vulnerability VCID-f6vc-8z9a-cqej
43
vulnerability VCID-gdh1-vff1-cfc2
44
vulnerability VCID-gyd8-hu6s-wkgt
45
vulnerability VCID-hbre-ty72-g7gy
46
vulnerability VCID-hcbc-9c78-yye6
47
vulnerability VCID-hwb9-yxzn-zub5
48
vulnerability VCID-jbs3-xb4d-j3gz
49
vulnerability VCID-jbzd-yjne-6ucr
50
vulnerability VCID-jehy-k235-4ua9
51
vulnerability VCID-jnsk-z1qy-8uh7
52
vulnerability VCID-khdx-kb5m-qyd7
53
vulnerability VCID-kumb-xzbe-5fb3
54
vulnerability VCID-mcuv-294k-5qc4
55
vulnerability VCID-mgk4-9tan-a7fj
56
vulnerability VCID-mwg1-4tbg-53cg
57
vulnerability VCID-ntcr-n7fp-j3ab
58
vulnerability VCID-p84d-d8gt-ukck
59
vulnerability VCID-pqpk-dh2p-4yc8
60
vulnerability VCID-qsq4-2nz1-p7hu
61
vulnerability VCID-qxz4-rh86-cfcu
62
vulnerability VCID-rgfy-hqz1-zyb4
63
vulnerability VCID-rhp2-bwp6-k3d4
64
vulnerability VCID-t1ba-h3yd-yydc
65
vulnerability VCID-t5m6-39fh-zfhg
66
vulnerability VCID-tk7j-4vsm-e7c6
67
vulnerability VCID-tn7z-sztq-hbax
68
vulnerability VCID-u3gt-rhgh-p7ax
69
vulnerability VCID-v7r7-xtq1-gug6
70
vulnerability VCID-vjad-xkj2-nygh
71
vulnerability VCID-vthq-tuqs-5fg9
72
vulnerability VCID-vvzs-mjes-e3eq
73
vulnerability VCID-wdvt-5z3a-5bc2
74
vulnerability VCID-weqh-3ye3-nbbp
75
vulnerability VCID-xde9-dz52-1fgp
76
vulnerability VCID-y9ew-ydqv-4kbf
77
vulnerability VCID-yh52-jggb-jfgx
78
vulnerability VCID-yjgp-6ntk-xbc3
79
vulnerability VCID-yzdu-4cnk-5uft
80
vulnerability VCID-zacs-wg6m-qyg4
81
vulnerability VCID-zgzb-haur-s7aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta2
aliases CVE-2023-38250, GHSA-h3g9-cwr6-hphx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ypqs-5ju2-hkcz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p5