{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.3-p1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.6-p13","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57823?format=json","vulnerability_id":"VCID-1jsp-392b-2fgb","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558","reference_id":"","reference_type":"","scores":[{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66592","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558","reference_id":"CVE-2025-49558","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558"},{"reference_url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj","reference_id":"GHSA-wcmw-8xpp-rwfj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49558","GHSA-wcmw-8xpp-rwfj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1jsp-392b-2fgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56632?format=json","vulnerability_id":"VCID-2vsw-t8k2-4bfm","summary":"Adobe Commerce Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11  and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409","reference_id":"CVE-2025-24409","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409"},{"reference_url":"https://github.com/advisories/GHSA-vw47-79jv-3598","reference_id":"GHSA-vw47-79jv-3598","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vw47-79jv-3598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24409","GHSA-vw47-79jv-3598"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57442?format=json","vulnerability_id":"VCID-3g5s-hryc-5qa9","summary":"Magneto contains stored XSS vulnerability\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110","reference_id":"","reference_type":"","scores":[{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72632","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110","reference_id":"CVE-2025-47110","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110"},{"reference_url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r","reference_id":"GHSA-j934-vjh5-vf9r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/85398?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-47110","GHSA-j934-vjh5-vf9r"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5s-hryc-5qa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55685?format=json","vulnerability_id":"VCID-3zcy-b3th-ukhd","summary":"Magento Improper Access Control Leads to Privilege escalation\nAdobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46342","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419","reference_id":"CVE-2024-39419","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419"},{"reference_url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v","reference_id":"GHSA-74w7-cr4v-wf2v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39419","GHSA-74w7-cr4v-wf2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zcy-b3th-ukhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57444?format=json","vulnerability_id":"VCID-4dae-vty8-b7hk","summary":"Magento Improper Access Control leads to security feature bypass\nAdobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206","reference_id":"","reference_type":"","scores":[{"value":"0.00706","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206","reference_id":"CVE-2025-27206","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206"},{"reference_url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q","reference_id":"GHSA-g2pj-xmxq-3r9q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-27206","GHSA-g2pj-xmxq-3r9q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dae-vty8-b7hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55687?format=json","vulnerability_id":"VCID-5gxr-xksz-5ydb","summary":"Magento Improper Authorization leads to security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411","reference_id":"CVE-2024-39411","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411"},{"reference_url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq","reference_id":"GHSA-qm77-mqf3-fmhq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39411","GHSA-qm77-mqf3-fmhq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5gxr-xksz-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108761?format=json","vulnerability_id":"VCID-5wfa-wpby-dke1","summary":"Magento Open Source allows Improper Access Control\nAdobe Commerce versions 2.4.3-p3 (and earlier), 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35689","reference_id":"","reference_type":"","scores":[{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65783","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65836","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35689"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-48.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:52Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-48.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35689","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35689"},{"reference_url":"https://github.com/advisories/GHSA-5fxx-jwjm-x9hj","reference_id":"GHSA-5fxx-jwjm-x9hj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5fxx-jwjm-x9hj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65942?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/64405?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1"}],"aliases":["CVE-2022-35689","GHSA-5fxx-jwjm-x9hj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wfa-wpby-dke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57531?format=json","vulnerability_id":"VCID-6p6q-ctya-q3bv","summary":"Magento Authenticated Security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549","reference_id":"","reference_type":"","scores":[{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66971","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549","reference_id":"CVE-2025-49549","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549"},{"reference_url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2","reference_id":"GHSA-85jx-x9r4-45m2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49549","GHSA-85jx-x9r4-45m2"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6p6q-ctya-q3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56639?format=json","vulnerability_id":"VCID-6tx4-wexr-fkbb","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437","reference_id":"CVE-2025-24437","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437"},{"reference_url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv","reference_id":"GHSA-469f-wf4f-3jjv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24437","GHSA-469f-wf4f-3jjv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55986?format=json","vulnerability_id":"VCID-7pr7-uqp1-sugt","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130","reference_id":"CVE-2024-45130","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130"},{"reference_url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576","reference_id":"GHSA-v3v6-jfvw-m576","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45130","GHSA-v3v6-jfvw-m576"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55982?format=json","vulnerability_id":"VCID-7s3w-8dn6-jqh7","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124","reference_id":"CVE-2024-45124","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124"},{"reference_url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv","reference_id":"GHSA-w3p2-pc3h-69wv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45124","GHSA-w3p2-pc3h-69wv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-7s74-rdkp-vyaf","summary":"Magento Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421","reference_id":"CVE-2025-24421","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421"},{"reference_url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr","reference_id":"GHSA-v6r2-425c-hfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24421","GHSA-v6r2-425c-hfrr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-8hx4-r8bb-n7ge","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77594","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428","reference_id":"CVE-2025-24428","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428"},{"reference_url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr","reference_id":"GHSA-mm87-rrqx-94cr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24428","GHSA-mm87-rrqx-94cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56625?format=json","vulnerability_id":"VCID-8ky6-w2nk-9bds","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28955","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411","reference_id":"CVE-2025-24411","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411"},{"reference_url":"https://github.com/advisories/GHSA-36hw-x3cc-m258","reference_id":"GHSA-36hw-x3cc-m258","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-36hw-x3cc-m258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24411","GHSA-36hw-x3cc-m258"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57107?format=json","vulnerability_id":"VCID-8shb-t5zp-rqbu","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190","reference_id":"CVE-2025-27190","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190"},{"reference_url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q","reference_id":"GHSA-6wq7-cg9h-mj6q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27190","GHSA-6wq7-cg9h-mj6q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8shb-t5zp-rqbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55677?format=json","vulnerability_id":"VCID-9vrt-uccb-myev","summary":"Magento Improper Authorization Leading to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415","reference_id":"CVE-2024-39415","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415"},{"reference_url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq","reference_id":"GHSA-gj93-84g5-mcjq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39415","GHSA-gj93-84g5-mcjq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vrt-uccb-myev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56631?format=json","vulnerability_id":"VCID-a9b6-tenb-afdw","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416","reference_id":"CVE-2025-24416","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416"},{"reference_url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9","reference_id":"GHSA-rjjw-g6hw-7pc9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24416","GHSA-rjjw-g6hw-7pc9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55362?format=json","vulnerability_id":"VCID-ayfe-5a7g-u7b7","summary":"Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102","reference_id":"","reference_type":"","scores":[{"value":"0.94171","scoring_system":"epss","scoring_elements":"0.9992","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102","reference_id":"CVE-2024-34102","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102"},{"reference_url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj","reference_id":"GHSA-m8cj-3v68-3cxj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34102","GHSA-m8cj-3v68-3cxj"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayfe-5a7g-u7b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-b3cn-pjp3-4yhm","summary":"Magento Business Logic Error vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425","reference_id":"CVE-2025-24425","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425"},{"reference_url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh","reference_id":"GHSA-6ff8-jrfg-43hh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24425","GHSA-6ff8-jrfg-43hh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55686?format=json","vulnerability_id":"VCID-b9ry-u6qy-j7cc","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417","reference_id":"CVE-2024-39417","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417"},{"reference_url":"https://github.com/advisories/GHSA-4xmj-f664-hv98","reference_id":"GHSA-4xmj-f664-hv98","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xmj-f664-hv98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39417","GHSA-4xmj-f664-hv98"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ry-u6qy-j7cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55994?format=json","vulnerability_id":"VCID-bch8-kq49-skhm","summary":"Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123","reference_id":"CVE-2024-45123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123"},{"reference_url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc","reference_id":"GHSA-88x2-cq34-5fwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45123","GHSA-88x2-cq34-5fwc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55365?format=json","vulnerability_id":"VCID-bera-73sm-bbh7","summary":"Magento Open Source Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106","reference_id":"","reference_type":"","scores":[{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71367","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106","reference_id":"CVE-2024-34106","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106"},{"reference_url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64","reference_id":"GHSA-p6h9-gx5g-wg64","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34106","GHSA-p6h9-gx5g-wg64"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bera-73sm-bbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55688?format=json","vulnerability_id":"VCID-bkpz-ratd-e7ab","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410","reference_id":"CVE-2024-39410","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410"},{"reference_url":"https://github.com/advisories/GHSA-4323-f82v-f6jr","reference_id":"GHSA-4323-f82v-f6jr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4323-f82v-f6jr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39410","GHSA-4323-f82v-f6jr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkpz-ratd-e7ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55364?format=json","vulnerability_id":"VCID-bzyh-c5tm-j7dn","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105","reference_id":"","reference_type":"","scores":[{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.83856","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105","reference_id":"CVE-2024-34105","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105"},{"reference_url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9","reference_id":"GHSA-5632-wq7m-gfq9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34105","GHSA-5632-wq7m-gfq9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyh-c5tm-j7dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109978?format=json","vulnerability_id":"VCID-c4ms-3und-c7d1","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34255","reference_id":"","reference_type":"","scores":[{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66834","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66874","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34255"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:09Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34255","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34255"},{"reference_url":"https://github.com/advisories/GHSA-x95x-f4g9-mm85","reference_id":"GHSA-x95x-f4g9-mm85","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x95x-f4g9-mm85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34255","GHSA-x95x-f4g9-mm85"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ms-3und-c7d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48026?format=json","vulnerability_id":"VCID-cafy-5dd8-rudj","summary":"Magento allows incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29548","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265","reference_id":"CVE-2025-54265","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265"},{"reference_url":"https://github.com/advisories/GHSA-r355-75hw-r8jf","reference_id":"GHSA-r355-75hw-r8jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r355-75hw-r8jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54265","GHSA-r355-75hw-r8jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cafy-5dd8-rudj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58128?format=json","vulnerability_id":"VCID-ccx1-qacj-2qev","summary":"Magento Community Edition Improper Input Validation vulnerability\nAdobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"0.72152","scoring_system":"epss","scoring_elements":"0.98771","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236"},{"reference_url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236","reference_id":"CVE-2025-54236","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236"},{"reference_url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento","reference_id":"CVE-2025-54236-SESSIONREAPER-UNAUTHENTICATED-RCE-IN-MAGENTO","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento"},{"reference_url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j","reference_id":"GHSA-wh92-6q6g-px7j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64407?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66493?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2"}],"aliases":["CVE-2025-54236","GHSA-wh92-6q6g-px7j"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccx1-qacj-2qev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57822?format=json","vulnerability_id":"VCID-cm2a-1yc5-v3cy","summary":"Magento has incorrect authorization issue that leads to arbitrary file system read\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556","reference_id":"","reference_type":"","scores":[{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50269","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556","reference_id":"CVE-2025-49556","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556"},{"reference_url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h","reference_id":"GHSA-7hrj-3c9x-xv5h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49556","GHSA-7hrj-3c9x-xv5h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm2a-1yc5-v3cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55689?format=json","vulnerability_id":"VCID-cqjn-3z6n-sff1","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416","reference_id":"CVE-2024-39416","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416"},{"reference_url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5","reference_id":"GHSA-4xgg-rw35-7mv5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39416","GHSA-4xgg-rw35-7mv5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjn-3z6n-sff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56643?format=json","vulnerability_id":"VCID-d6mk-hg8h-7qbc","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432","reference_id":"CVE-2025-24432","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432"},{"reference_url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47","reference_id":"GHSA-7jmr-43qj-pw47","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24432","GHSA-7jmr-43qj-pw47"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48032?format=json","vulnerability_id":"VCID-dj5a-35gt-u7dn","summary":"Magento vulnerable to privilege escalation due to incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267","reference_id":"CVE-2025-54267","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267"},{"reference_url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf","reference_id":"GHSA-qvwr-p3hj-j6jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54267","GHSA-qvwr-p3hj-j6jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5a-35gt-u7dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108762?format=json","vulnerability_id":"VCID-dpm5-tmsy-2bez","summary":"Magento Improper input validation vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42344","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39844","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42344"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42344","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42344"},{"reference_url":"https://github.com/advisories/GHSA-297f-r9w7-w492","reference_id":"GHSA-297f-r9w7-w492","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-297f-r9w7-w492"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/66998?format=json","purl":"pkg:composer/magento/community-edition@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-42344","GHSA-297f-r9w7-w492"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpm5-tmsy-2bez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55700?format=json","vulnerability_id":"VCID-du16-f2wp-t3cw","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50575","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412","reference_id":"CVE-2024-39412","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412"},{"reference_url":"https://github.com/advisories/GHSA-7472-vw39-g2j3","reference_id":"GHSA-7472-vw39-g2j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7472-vw39-g2j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39412","GHSA-7472-vw39-g2j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du16-f2wp-t3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55357?format=json","vulnerability_id":"VCID-dur2-pfke-h7hf","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107","reference_id":"","reference_type":"","scores":[{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.73067","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107","reference_id":"CVE-2024-34107","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107"},{"reference_url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g","reference_id":"GHSA-r7cm-g469-wm4g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34107","GHSA-r7cm-g469-wm4g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dur2-pfke-h7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55363?format=json","vulnerability_id":"VCID-e7zd-dn28-4bf1","summary":"Magento Open Source Improper Authentication vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83255","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103","reference_id":"CVE-2024-34103","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103"},{"reference_url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774","reference_id":"GHSA-f7q4-9gwv-6774","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34103","GHSA-f7q4-9gwv-6774"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7zd-dn28-4bf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55989?format=json","vulnerability_id":"VCID-eahe-s41f-ckc1","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116","reference_id":"","reference_type":"","scores":[{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116","reference_id":"CVE-2024-45116","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116"},{"reference_url":"https://github.com/advisories/GHSA-873m-72g6-853g","reference_id":"GHSA-873m-72g6-853g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-873m-72g6-853g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45116","GHSA-873m-72g6-853g"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57095?format=json","vulnerability_id":"VCID-egy6-nku7-zyap","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191","reference_id":"CVE-2025-27191","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191"},{"reference_url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2","reference_id":"GHSA-vhcq-4xrm-2cr2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27191","GHSA-vhcq-4xrm-2cr2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egy6-nku7-zyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55998?format=json","vulnerability_id":"VCID-evth-swm9-k3de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121","reference_id":"CVE-2024-45121","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121"},{"reference_url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg","reference_id":"GHSA-2qhq-fw98-h6wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45121","GHSA-2qhq-fw98-h6wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57814?format=json","vulnerability_id":"VCID-eygc-ra9u-gyej","summary":"Magento Cross-Site Request Forgery (CSRF) vulnerability\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2931","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555","reference_id":"CVE-2025-49555","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555"},{"reference_url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw","reference_id":"GHSA-5777-jj7p-mpqw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49555","GHSA-5777-jj7p-mpqw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eygc-ra9u-gyej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109931?format=json","vulnerability_id":"VCID-fyh6-gupt-eqgm","summary":"Magento Open Source has Improper Access Control vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account details. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35692","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6696","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6692","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35692"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35692","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35692"},{"reference_url":"https://github.com/advisories/GHSA-gm4m-9rm8-7rxj","reference_id":"GHSA-gm4m-9rm8-7rxj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gm4m-9rm8-7rxj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64403?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-35692","GHSA-gm4m-9rm8-7rxj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyh6-gupt-eqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56628?format=json","vulnerability_id":"VCID-fz5y-um7w-63f4","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410","reference_id":"CVE-2025-24410","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410"},{"reference_url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q","reference_id":"GHSA-gjxp-46rq-wg4q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24410","GHSA-gjxp-46rq-wg4q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57819?format=json","vulnerability_id":"VCID-fzm9-e6bg-r7aw","summary":"Magento Cross-site Scripting vulnerability\nAdobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. These scripts may be used to escalate privileges within the application or compromise sensitive user data. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24233","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557","reference_id":"CVE-2025-49557","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557"},{"reference_url":"https://github.com/advisories/GHSA-8mq8-c243-2335","reference_id":"GHSA-8mq8-c243-2335","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8mq8-c243-2335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86042?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p15"},{"url":"http://public2.vulnerablecode.io/api/packages/65942?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49557","GHSA-8mq8-c243-2335"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fzm9-e6bg-r7aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-gedj-39p5-ubd6","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413","reference_id":"CVE-2025-24413","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413"},{"reference_url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j","reference_id":"GHSA-xwgx-8v72-4j5j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24413","GHSA-xwgx-8v72-4j5j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55993?format=json","vulnerability_id":"VCID-gxj9-a1hc-47de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118","reference_id":"CVE-2024-45118","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118"},{"reference_url":"https://github.com/advisories/GHSA-cg52-68fv-94qq","reference_id":"GHSA-cg52-68fv-94qq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg52-68fv-94qq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45118","GHSA-cg52-68fv-94qq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56622?format=json","vulnerability_id":"VCID-hbau-7tvg-cygz","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39685","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429","reference_id":"CVE-2025-24429","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429"},{"reference_url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv","reference_id":"GHSA-656q-fx2w-8ccv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24429","GHSA-656q-fx2w-8ccv"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108779?format=json","vulnerability_id":"VCID-hd53-pxmk-ruap","summary":"Magento Open Source allows Stored Cross-Site Scripting (Stored XSS)\nAdobe Commerce versions 2.4.3-p3 (and earlier), 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35698","reference_id":"","reference_type":"","scores":[{"value":"0.02186","scoring_system":"epss","scoring_elements":"0.84703","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02186","scoring_system":"epss","scoring_elements":"0.8468","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35698"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-48.html","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-48.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35698","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35698"},{"reference_url":"https://github.com/advisories/GHSA-4vj2-426r-jm3g","reference_id":"GHSA-4vj2-426r-jm3g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4vj2-426r-jm3g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65942?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/64405?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1"}],"aliases":["CVE-2022-35698","GHSA-4vj2-426r-jm3g"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hd53-pxmk-ruap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55361?format=json","vulnerability_id":"VCID-hfbb-ax6r-tbaz","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted request to the server, which could then cause the server to execute arbitrary code. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111","reference_id":"","reference_type":"","scores":[{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73715","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111","reference_id":"CVE-2024-34111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111"},{"reference_url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3","reference_id":"GHSA-jmqp-r3gg-6jh3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34111","GHSA-jmqp-r3gg-6jh3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfbb-ax6r-tbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109930?format=json","vulnerability_id":"VCID-hq7k-qz7g-4bc2","summary":"Magento Path Traversal vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34254","reference_id":"","reference_type":"","scores":[{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.6986","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.6982","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34254"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34254","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34254"},{"reference_url":"https://github.com/advisories/GHSA-fx9g-g9q6-x3jx","reference_id":"GHSA-fx9g-g9q6-x3jx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fx9g-g9q6-x3jx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34254","GHSA-fx9g-g9q6-x3jx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq7k-qz7g-4bc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57100?format=json","vulnerability_id":"VCID-j6ss-8f4e-e7g2","summary":"Magento does not properly protect credentials\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192","reference_id":"CVE-2025-27192","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192"},{"reference_url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx","reference_id":"GHSA-2r94-wm5v-4prx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27192","GHSA-2r94-wm5v-4prx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ss-8f4e-e7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56645?format=json","vulnerability_id":"VCID-jr49-4fs3-8qcp","summary":"Improper Authorization vulnerability in Magento and Adobe Commerce\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44087","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434","reference_id":"CVE-2025-24434","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434"},{"reference_url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c","reference_id":"GHSA-fppq-f2m6-xv5c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24434","GHSA-fppq-f2m6-xv5c"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55678?format=json","vulnerability_id":"VCID-kezx-5nw5-hfen","summary":"Magento Improper Access Control Leads to Privilege escalation\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414","reference_id":"CVE-2024-39414","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414"},{"reference_url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4","reference_id":"GHSA-x6f9-hv9r-fgq4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39414","GHSA-x6f9-hv9r-fgq4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kezx-5nw5-hfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55980?format=json","vulnerability_id":"VCID-kje4-asu6-dfg2","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129","reference_id":"CVE-2024-45129","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129"},{"reference_url":"https://github.com/advisories/GHSA-m58h-998x-66f3","reference_id":"GHSA-m58h-998x-66f3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58h-998x-66f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45129","GHSA-m58h-998x-66f3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55359?format=json","vulnerability_id":"VCID-kq4m-anrt-rugn","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70373","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104","reference_id":"CVE-2024-34104","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104"},{"reference_url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm","reference_id":"GHSA-wwj3-573j-rvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34104","GHSA-wwj3-573j-rvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq4m-anrt-rugn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55676?format=json","vulnerability_id":"VCID-kuzc-uv5b-v7an","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409","reference_id":"CVE-2024-39409","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409"},{"reference_url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r","reference_id":"GHSA-rf4q-m23c-7q8r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39409","GHSA-rf4q-m23c-7q8r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzc-uv5b-v7an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110012?format=json","vulnerability_id":"VCID-kyvw-d4e8-1fd4","summary":"Magento XML Injection vulnerability in the Widgets Module\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34253","reference_id":"","reference_type":"","scores":[{"value":"0.37194","scoring_system":"epss","scoring_elements":"0.97252","published_at":"2026-06-04T12:55:00Z"},{"value":"0.37194","scoring_system":"epss","scoring_elements":"0.97256","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34253"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34253","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34253"},{"reference_url":"https://github.com/advisories/GHSA-cj7w-pm77-hvg6","reference_id":"GHSA-cj7w-pm77-hvg6","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cj7w-pm77-hvg6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34253","GHSA-cj7w-pm77-hvg6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyvw-d4e8-1fd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57533?format=json","vulnerability_id":"VCID-md7v-w5aq-t7h1","summary":"Magento Security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64889","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550","reference_id":"CVE-2025-49550","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550"},{"reference_url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h","reference_id":"GHSA-8hcx-xvww-6c6h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49550","GHSA-8hcx-xvww-6c6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-w5aq-t7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56626?format=json","vulnerability_id":"VCID-mhvf-2keh-2qar","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417","reference_id":"CVE-2025-24417","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417"},{"reference_url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2","reference_id":"GHSA-g3j6-9753-8mp2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24417","GHSA-g3j6-9753-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-mjb6-7au8-5fdx","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414","reference_id":"CVE-2025-24414","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414"},{"reference_url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv","reference_id":"GHSA-fhw6-3mj5-w9gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24414","GHSA-fhw6-3mj5-w9gv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110022?format=json","vulnerability_id":"VCID-mzsj-dck5-pqc5","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34258","reference_id":"","reference_type":"","scores":[{"value":"0.16184","scoring_system":"epss","scoring_elements":"0.94937","published_at":"2026-06-05T12:55:00Z"},{"value":"0.16184","scoring_system":"epss","scoring_elements":"0.94929","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34258"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34258","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34258"},{"reference_url":"https://github.com/advisories/GHSA-5m55-g8pv-x8ww","reference_id":"GHSA-5m55-g8pv-x8ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5m55-g8pv-x8ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34258","GHSA-5m55-g8pv-x8ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzsj-dck5-pqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55991?format=json","vulnerability_id":"VCID-ns8t-vtcn-aqh4","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149","reference_id":"CVE-2024-45149","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149"},{"reference_url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw","reference_id":"GHSA-w7rg-7wq2-pjrw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45149","GHSA-w7rg-7wq2-pjrw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110030?format=json","vulnerability_id":"VCID-pxxm-ce8x-abdq","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34259","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46128","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34259"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:18Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34259","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34259"},{"reference_url":"https://github.com/advisories/GHSA-9wjf-94h3-r4rh","reference_id":"GHSA-9wjf-94h3-r4rh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9wjf-94h3-r4rh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34259","GHSA-9wjf-94h3-r4rh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxxm-ce8x-abdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55997?format=json","vulnerability_id":"VCID-qgpx-hgzu-5qgp","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122","reference_id":"CVE-2024-45122","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122"},{"reference_url":"https://github.com/advisories/GHSA-46fm-x82m-5f74","reference_id":"GHSA-46fm-x82m-5f74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46fm-x82m-5f74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45122","GHSA-46fm-x82m-5f74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56623?format=json","vulnerability_id":"VCID-qp7s-amch-v3cd","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435","reference_id":"CVE-2025-24435","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435"},{"reference_url":"https://github.com/advisories/GHSA-82p4-55gj-956p","reference_id":"GHSA-82p4-55gj-956p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-82p4-55gj-956p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24435","GHSA-82p4-55gj-956p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48030?format=json","vulnerability_id":"VCID-qrwc-3gsb-zkfy","summary":"Magento provides incorrect authorization through a security feature bypass\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25983","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263","reference_id":"CVE-2025-54263","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263"},{"reference_url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8","reference_id":"GHSA-69x9-xp2j-w8g8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54263","GHSA-69x9-xp2j-w8g8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwc-3gsb-zkfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56642?format=json","vulnerability_id":"VCID-qzqd-271b-ybfj","summary":"Magento Information Exposure vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59659","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408","reference_id":"CVE-2025-24408","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408"},{"reference_url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8","reference_id":"GHSA-3cfg-w257-cgf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24408","GHSA-3cfg-w257-cgf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56633?format=json","vulnerability_id":"VCID-r4bw-w4t9-23ek","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427","reference_id":"CVE-2025-24427","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427"},{"reference_url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg","reference_id":"GHSA-v3hq-g424-5mgg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24427","GHSA-v3hq-g424-5mgg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55978?format=json","vulnerability_id":"VCID-rduw-apr6-4fdu","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34443","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135","reference_id":"CVE-2024-45135","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135"},{"reference_url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww","reference_id":"GHSA-8pxg-gcp4-57ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45135","GHSA-8pxg-gcp4-57ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56630?format=json","vulnerability_id":"VCID-re84-qg3k-3ub3","summary":"Adobe Commerce Path Traversal\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4666","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406","reference_id":"CVE-2025-24406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406"},{"reference_url":"https://github.com/advisories/GHSA-954p-ff72-327w","reference_id":"GHSA-954p-ff72-327w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-954p-ff72-327w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24406","GHSA-954p-ff72-327w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55988?format=json","vulnerability_id":"VCID-rxac-w9pd-aqe1","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3242","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131","reference_id":"CVE-2024-45131","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131"},{"reference_url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm","reference_id":"GHSA-xc5p-773w-m3pm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45131","GHSA-xc5p-773w-m3pm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56635?format=json","vulnerability_id":"VCID-s4bp-kzfu-8qfy","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412","reference_id":"CVE-2025-24412","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412"},{"reference_url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px","reference_id":"GHSA-m4rg-mpp2-97px","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24412","GHSA-m4rg-mpp2-97px"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-scg7-ugdn-53b9","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424","reference_id":"CVE-2025-24424","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424"},{"reference_url":"https://github.com/advisories/GHSA-539v-w87w-w62c","reference_id":"GHSA-539v-w87w-w62c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-539v-w87w-w62c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24424","GHSA-539v-w87w-w62c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55692?format=json","vulnerability_id":"VCID-shfz-pxan-v3ar","summary":"Magento Open Source Cross-Site Request Forgery vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408","reference_id":"CVE-2024-39408","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408"},{"reference_url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx","reference_id":"GHSA-4cj6-f32v-6hgx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39408","GHSA-4cj6-f32v-6hgx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shfz-pxan-v3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57435?format=json","vulnerability_id":"VCID-tc3m-4bkg-qkcf","summary":"Magento Improper Authorization leading to security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585","reference_id":"","reference_type":"","scores":[{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.6963","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585","reference_id":"CVE-2025-43585","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585"},{"reference_url":"https://github.com/advisories/GHSA-r487-9vv5-75gg","reference_id":"GHSA-r487-9vv5-75gg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r487-9vv5-75gg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-43585","GHSA-r487-9vv5-75gg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3m-4bkg-qkcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56624?format=json","vulnerability_id":"VCID-te3b-exz5-zke1","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415","reference_id":"CVE-2025-24415","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415"},{"reference_url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r","reference_id":"GHSA-gc27-rvvm-q77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24415","GHSA-gc27-rvvm-q77r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48029?format=json","vulnerability_id":"VCID-th7y-aj51-mbaj","summary":"Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44021","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264","reference_id":"CVE-2025-54264","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264"},{"reference_url":"https://github.com/advisories/GHSA-2768-5wmv-cfff","reference_id":"GHSA-2768-5wmv-cfff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2768-5wmv-cfff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54264","GHSA-2768-5wmv-cfff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-th7y-aj51-mbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56627?format=json","vulnerability_id":"VCID-tvz9-8s4d-gbg6","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430","reference_id":"CVE-2025-24430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430"},{"reference_url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq","reference_id":"GHSA-6w27-c66f-gvhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24430","GHSA-6w27-c66f-gvhq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55992?format=json","vulnerability_id":"VCID-txb3-ez5r-r7ek","summary":"Magento Open Source Improper Input Validation vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117","reference_id":"CVE-2024-45117","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117"},{"reference_url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g","reference_id":"GHSA-3fr3-gcqh-3m2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45117","GHSA-3fr3-gcqh-3m2g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57816?format=json","vulnerability_id":"VCID-tzug-ckkn-dyft","summary":"Magento vulnerable to denial of service\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52681","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554","reference_id":"CVE-2025-49554","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554"},{"reference_url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr","reference_id":"GHSA-xgfm-992v-h2hr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49554","GHSA-xgfm-992v-h2hr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzug-ckkn-dyft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55985?format=json","vulnerability_id":"VCID-ugyc-gehq-rudu","summary":"Magento Open Source Incorrect Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21314","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125","reference_id":"CVE-2024-45125","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125"},{"reference_url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh","reference_id":"GHSA-xg36-8c2v-jpxh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45125","GHSA-xg36-8c2v-jpxh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109934?format=json","vulnerability_id":"VCID-vcdk-gdky-7fdg","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34257","reference_id":"","reference_type":"","scores":[{"value":"0.00769","scoring_system":"epss","scoring_elements":"0.7387","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00769","scoring_system":"epss","scoring_elements":"0.73906","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34257"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34257","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34257"},{"reference_url":"https://github.com/advisories/GHSA-rg7p-wmgj-f374","reference_id":"GHSA-rg7p-wmgj-f374","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rg7p-wmgj-f374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34257","GHSA-rg7p-wmgj-f374"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcdk-gdky-7fdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109923?format=json","vulnerability_id":"VCID-vp8y-y64r-wkc9","summary":"Magento Improper Authorization vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34256","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61564","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61612","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34256"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:22Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34256"},{"reference_url":"https://github.com/advisories/GHSA-r7mm-grf3-5fjv","reference_id":"GHSA-r7mm-grf3-5fjv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7mm-grf3-5fjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34256","GHSA-r7mm-grf3-5fjv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vp8y-y64r-wkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55979?format=json","vulnerability_id":"VCID-vu36-a1g1-nugt","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32354","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132","reference_id":"CVE-2024-45132","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132"},{"reference_url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm","reference_id":"GHSA-5f64-ppmg-cvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45132","GHSA-5f64-ppmg-cvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55996?format=json","vulnerability_id":"VCID-vx13-4b1d-wbgp","summary":"Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2257","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120","reference_id":"CVE-2024-45120","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120"},{"reference_url":"https://github.com/advisories/GHSA-47jp-46c9-25vf","reference_id":"GHSA-47jp-46c9-25vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47jp-46c9-25vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45120","GHSA-47jp-46c9-25vf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55990?format=json","vulnerability_id":"VCID-wvyx-2bbb-9yf7","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133","reference_id":"CVE-2024-45133","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133"},{"reference_url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg","reference_id":"GHSA-j3mh-wx5f-2vhg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45133","GHSA-j3mh-wx5f-2vhg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57821?format=json","vulnerability_id":"VCID-wzu6-rbsv-mkde","summary":"Magento vulnerable to path traversal\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559","reference_id":"","reference_type":"","scores":[{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69567","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559","reference_id":"CVE-2025-49559","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559"},{"reference_url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824","reference_id":"GHSA-h4f4-gv6h-x824","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49559","GHSA-h4f4-gv6h-x824"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzu6-rbsv-mkde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57099?format=json","vulnerability_id":"VCID-xfvu-2zg4-ruf6","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36319","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188","reference_id":"CVE-2025-27188","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188"},{"reference_url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86","reference_id":"GHSA-rr2g-rrjj-xw86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/70851?format=json","purl":"pkg:composer/magento/community-edition@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8"}],"aliases":["CVE-2025-27188","GHSA-rr2g-rrjj-xw86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfvu-2zg4-ruf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55981?format=json","vulnerability_id":"VCID-xk5y-7a1w-zba9","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119","reference_id":"CVE-2024-45119","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119"},{"reference_url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj","reference_id":"GHSA-g9fm-wc6h-pvgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45119","GHSA-g9fm-wc6h-pvgj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56640?format=json","vulnerability_id":"VCID-xsq8-ztqh-ubb8","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438","reference_id":"CVE-2025-24438","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438"},{"reference_url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4","reference_id":"GHSA-8884-7rm9-mrx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24438","GHSA-8884-7rm9-mrx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55987?format=json","vulnerability_id":"VCID-y1v3-9tyq-uqhd","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30677","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134","reference_id":"CVE-2024-45134","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134"},{"reference_url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g","reference_id":"GHSA-4f89-5cwm-rm5g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45134","GHSA-4f89-5cwm-rm5g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55696?format=json","vulnerability_id":"VCID-y4u6-cy8y-hyae","summary":"Magento Open Source Path Traversal vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406","reference_id":"","reference_type":"","scores":[{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76318","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406","reference_id":"CVE-2024-39406","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406"},{"reference_url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5","reference_id":"GHSA-6pxh-2557-5cj5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39406","GHSA-6pxh-2557-5cj5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4u6-cy8y-hyae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56641?format=json","vulnerability_id":"VCID-y7x4-664r-3fbk","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436","reference_id":"CVE-2025-24436","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436"},{"reference_url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8","reference_id":"GHSA-ghpr-6qhr-rpp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24436","GHSA-ghpr-6qhr-rpp8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46041?format=json","vulnerability_id":"VCID-y93w-2qcc-wqg8","summary":"Magento Open Source affected by Improper Input Validation\nAdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24093","reference_id":"","reference_type":"","scores":[{"value":"0.01122","scoring_system":"epss","scoring_elements":"0.78618","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01122","scoring_system":"epss","scoring_elements":"0.7859","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24093"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-13.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:51:54Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-13.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24093","reference_id":"CVE-2022-24093","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24093"},{"reference_url":"https://github.com/advisories/GHSA-5xmp-7wg5-x68q","reference_id":"GHSA-5xmp-7wg5-x68q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5xmp-7wg5-x68q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60734?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/64403?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1"}],"aliases":["CVE-2022-24093","GHSA-5xmp-7wg5-x68q"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y93w-2qcc-wqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48025?format=json","vulnerability_id":"VCID-yyq6-dvyx-3bb9","summary":"Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18183","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266","reference_id":"CVE-2025-54266","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266"},{"reference_url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5","reference_id":"GHSA-pcrx-r49h-x2w5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54266","GHSA-pcrx-r49h-x2w5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyq6-dvyx-3bb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55983?format=json","vulnerability_id":"VCID-z2v2-n138-6ydv","summary":"Magento Open Source stored Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127","reference_id":"","reference_type":"","scores":[{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127","reference_id":"CVE-2024-45127","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127"},{"reference_url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2","reference_id":"GHSA-c89g-gq5r-2xw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45127","GHSA-c89g-gq5r-2xw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55995?format=json","vulnerability_id":"VCID-zdpz-8tc2-6kah","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13975","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128","reference_id":"CVE-2024-45128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128"},{"reference_url":"https://github.com/advisories/GHSA-qpp7-742q-58j3","reference_id":"GHSA-qpp7-742q-58j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpp7-742q-58j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45128","GHSA-qpp7-742q-58j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42472?format=json","vulnerability_id":"VCID-zkkk-5q62-ubca","summary":"Magento improper input validation vulnerability\nAdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24086","reference_id":"","reference_type":"","scores":[{"value":"0.93696","scoring_system":"epss","scoring_elements":"0.99857","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24086"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-12.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-02-27T18:35:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-12.html"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24086","reference_id":"CVE-2022-24086","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24086"},{"reference_url":"https://github.com/advisories/GHSA-f8fv-f786-9933","reference_id":"GHSA-f8fv-f786-9933","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f8fv-f786-9933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60734?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66998?format=json","purl":"pkg:composer/magento/community-edition@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3"}],"aliases":["CVE-2022-24086","GHSA-f8fv-f786-9933"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkkk-5q62-ubca"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112156?format=json","vulnerability_id":"VCID-2g87-y8ek-xfdr","summary":"Magento affected by a server-side denial-of-service using a GraphQL field\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36044","reference_id":"","reference_type":"","scores":[{"value":"0.01739","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01739","scoring_system":"epss","scoring_elements":"0.82879","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36044"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36044","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36044"},{"reference_url":"https://github.com/advisories/GHSA-wr57-3h2f-3q95","reference_id":"GHSA-wr57-3h2f-3q95","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wr57-3h2f-3q95"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36044","GHSA-wr57-3h2f-3q95"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2g87-y8ek-xfdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111728?format=json","vulnerability_id":"VCID-2ttz-k7d2-jucf","summary":"Magento is affected by an os command injection via the Data collection endpoint\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36024","reference_id":"","reference_type":"","scores":[{"value":"0.08668","scoring_system":"epss","scoring_elements":"0.92607","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08668","scoring_system":"epss","scoring_elements":"0.9262","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36024"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36024","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36024"},{"reference_url":"https://github.com/advisories/GHSA-qmq6-jpvg-j547","reference_id":"GHSA-qmq6-jpvg-j547","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qmq6-jpvg-j547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36024","GHSA-qmq6-jpvg-j547"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ttz-k7d2-jucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45958?format=json","vulnerability_id":"VCID-36ve-7wxt-z7fz","summary":"Magento affected by remote code execution vulnerability in the CMS page scheduled update feature\nMagento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36021","reference_id":"","reference_type":"","scores":[{"value":"0.01308","scoring_system":"epss","scoring_elements":"0.80129","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01308","scoring_system":"epss","scoring_elements":"0.80155","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36021"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:48:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36021","reference_id":"CVE-2021-36021","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36021"},{"reference_url":"https://github.com/advisories/GHSA-4g27-q2w9-m8m8","reference_id":"GHSA-4g27-q2w9-m8m8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4g27-q2w9-m8m8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36021","GHSA-4g27-q2w9-m8m8"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36ve-7wxt-z7fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112379?format=json","vulnerability_id":"VCID-4cbe-djqs-tug1","summary":"Magento is affected by an improper input validation vulnerability\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36032","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71112","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.71155","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36032"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36032","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36032"},{"reference_url":"https://github.com/advisories/GHSA-5vw8-r55w-f4q4","reference_id":"GHSA-5vw8-r55w-f4q4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5vw8-r55w-f4q4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36032","GHSA-5vw8-r55w-f4q4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cbe-djqs-tug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111541?format=json","vulnerability_id":"VCID-4w1v-es9j-subp","summary":"Magento XML Injection vulnerability in the 'City' field\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36020","reference_id":"","reference_type":"","scores":[{"value":"0.31066","scoring_system":"epss","scoring_elements":"0.96838","published_at":"2026-06-04T12:55:00Z"},{"value":"0.31066","scoring_system":"epss","scoring_elements":"0.96843","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36020"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36020","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36020"},{"reference_url":"https://github.com/advisories/GHSA-xvpx-6hh8-7h72","reference_id":"GHSA-xvpx-6hh8-7h72","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xvpx-6hh8-7h72"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36020","GHSA-xvpx-6hh8-7h72"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4w1v-es9j-subp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111521?format=json","vulnerability_id":"VCID-69wt-c418-mubr","summary":"Magento Open Source allows Cross-Site Request Forgery (CSRF)\nAdobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to a customer's cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39864","reference_id":"","reference_type":"","scores":[{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77333","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00997","scoring_system":"epss","scoring_elements":"0.77304","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39864"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-86.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:10:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-86.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39864","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"4.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39864"},{"reference_url":"https://github.com/advisories/GHSA-94wq-87g6-8h77","reference_id":"GHSA-94wq-87g6-8h77","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-94wq-87g6-8h77"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153002?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"}],"aliases":["CVE-2021-39864","GHSA-94wq-87g6-8h77"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69wt-c418-mubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111409?format=json","vulnerability_id":"VCID-6mjf-p1d9-8qa1","summary":"Magento stored cross-site scripting vulnerability\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36027","reference_id":"","reference_type":"","scores":[{"value":"0.01528","scoring_system":"epss","scoring_elements":"0.81624","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01528","scoring_system":"epss","scoring_elements":"0.81654","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36027"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36027","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36027"},{"reference_url":"https://github.com/advisories/GHSA-x2v2-2jhp-c5hv","reference_id":"GHSA-x2v2-2jhp-c5hv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x2v2-2jhp-c5hv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36027","GHSA-x2v2-2jhp-c5hv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mjf-p1d9-8qa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111210?format=json","vulnerability_id":"VCID-8u5e-d6nx-3khc","summary":"Magento Path Traversal vulnerability via the `theme[preview_image]` parameter\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a Path Traversal vulnerability via the `theme[preview_image]` parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36031","reference_id":"","reference_type":"","scores":[{"value":"0.1031","scoring_system":"epss","scoring_elements":"0.93313","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1031","scoring_system":"epss","scoring_elements":"0.93325","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36031"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36031","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36031"},{"reference_url":"https://github.com/advisories/GHSA-7w95-qwhh-q9p3","reference_id":"GHSA-7w95-qwhh-q9p3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7w95-qwhh-q9p3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36031","GHSA-7w95-qwhh-q9p3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8u5e-d6nx-3khc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45954?format=json","vulnerability_id":"VCID-b5hn-f1qk-z7cu","summary":"Magento improper access control vulnerability within Magento's Media Gallery Upload workflow\nMagento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36036","reference_id":"","reference_type":"","scores":[{"value":"0.01566","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01566","scoring_system":"epss","scoring_elements":"0.81879","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36036"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:52:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36036","reference_id":"CVE-2021-36036","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36036"},{"reference_url":"https://github.com/advisories/GHSA-wqr6-wv6c-p8fx","reference_id":"GHSA-wqr6-wv6c-p8fx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wqr6-wv6c-p8fx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36036","GHSA-wqr6-wv6c-p8fx"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5hn-f1qk-z7cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111727?format=json","vulnerability_id":"VCID-c1ta-jffg-cfg9","summary":"Magento XML Injection vulnerability in the Widgets Update Layout\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36022","reference_id":"","reference_type":"","scores":[{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93688","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36022"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36022","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36022"},{"reference_url":"https://github.com/advisories/GHSA-3x9x-vhqj-cv27","reference_id":"GHSA-3x9x-vhqj-cv27","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3x9x-vhqj-cv27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36022","GHSA-3x9x-vhqj-cv27"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c1ta-jffg-cfg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111557?format=json","vulnerability_id":"VCID-cfjt-51xj-qqdw","summary":"Magento is affected by an improper input validation vulnerability while saving a customer's details\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file. An authenticated attacker with admin privileges can leverage this vulnerability to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36025","reference_id":"","reference_type":"","scores":[{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.90365","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.9038","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36025"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36025","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36025"},{"reference_url":"https://github.com/advisories/GHSA-gvfx-9m9v-h839","reference_id":"GHSA-gvfx-9m9v-h839","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gvfx-9m9v-h839"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36025","GHSA-gvfx-9m9v-h839"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfjt-51xj-qqdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111366?format=json","vulnerability_id":"VCID-er49-k3tc-ufcu","summary":"Magento allows attackers to alter the price of items\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36030","reference_id":"","reference_type":"","scores":[{"value":"0.01428","scoring_system":"epss","scoring_elements":"0.80981","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01428","scoring_system":"epss","scoring_elements":"0.8101","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36030"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36030","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36030"},{"reference_url":"https://github.com/advisories/GHSA-rhff-65hp-55rw","reference_id":"GHSA-rhff-65hp-55rw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rhff-65hp-55rw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36030","GHSA-rhff-65hp-55rw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-er49-k3tc-ufcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111945?format=json","vulnerability_id":"VCID-fz6y-fece-skgr","summary":"Magento has a  file extension restrictions bypass\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36040","reference_id":"","reference_type":"","scores":[{"value":"0.03446","scoring_system":"epss","scoring_elements":"0.87714","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03446","scoring_system":"epss","scoring_elements":"0.87735","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36040"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36040","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36040"},{"reference_url":"https://github.com/advisories/GHSA-2pq5-gpqf-g4r3","reference_id":"GHSA-2pq5-gpqf-g4r3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2pq5-gpqf-g4r3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36040","GHSA-2pq5-gpqf-g4r3"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz6y-fece-skgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111163?format=json","vulnerability_id":"VCID-gxnx-f2qh-3yf9","summary":"Magento discloses sensitive information via the Multishipping Module\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the Multishipping Module. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36038","reference_id":"","reference_type":"","scores":[{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.81231","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36038"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36038","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36038"},{"reference_url":"https://github.com/advisories/GHSA-wgpr-9675-8r67","reference_id":"GHSA-wgpr-9675-8r67","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wgpr-9675-8r67"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36038","GHSA-wgpr-9675-8r67"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxnx-f2qh-3yf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112481?format=json","vulnerability_id":"VCID-hspp-kw5e-akbr","summary":"Magento vulnerable to file upload attack\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36041","reference_id":"","reference_type":"","scores":[{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.90365","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.9038","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36041"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36041","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36041"},{"reference_url":"https://github.com/advisories/GHSA-mx5m-j5xr-jg8c","reference_id":"GHSA-mx5m-j5xr-jg8c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mx5m-j5xr-jg8c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36041","GHSA-mx5m-j5xr-jg8c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hspp-kw5e-akbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110863?format=json","vulnerability_id":"VCID-kgws-xvjr-g7bv","summary":"Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36043","reference_id":"","reference_type":"","scores":[{"value":"0.0261","scoring_system":"epss","scoring_elements":"0.85921","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0261","scoring_system":"epss","scoring_elements":"0.85942","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36043"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36043","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36043"},{"reference_url":"https://github.com/advisories/GHSA-36xq-7w8w-xp68","reference_id":"GHSA-36xq-7w8w-xp68","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-36xq-7w8w-xp68"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36043","GHSA-36xq-7w8w-xp68"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgws-xvjr-g7bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112060?format=json","vulnerability_id":"VCID-kv6x-nz1s-uuar","summary":"Magento affected by remote code execution via a file upload\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36034","reference_id":"","reference_type":"","scores":[{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.90365","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05476","scoring_system":"epss","scoring_elements":"0.9038","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36034"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36034","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36034"},{"reference_url":"https://github.com/advisories/GHSA-j46h-qjjv-cxfj","reference_id":"GHSA-j46h-qjjv-cxfj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j46h-qjjv-cxfj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36034","GHSA-j46h-qjjv-cxfj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kv6x-nz1s-uuar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110890?format=json","vulnerability_id":"VCID-n5mn-3a8f-nbdb","summary":"Magento discloses sensitive information\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36039","reference_id":"","reference_type":"","scores":[{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74435","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74466","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36039"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36039","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36039"},{"reference_url":"https://github.com/advisories/GHSA-3g7m-g8qm-x6j5","reference_id":"GHSA-3g7m-g8qm-x6j5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3g7m-g8qm-x6j5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36039","GHSA-3g7m-g8qm-x6j5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5mn-3a8f-nbdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45951?format=json","vulnerability_id":"VCID-nn21-hf8r-ykfd","summary":"Magento XML Injection vulnerability in the Widgets Update Layout\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36023","reference_id":"","reference_type":"","scores":[{"value":"0.1628","scoring_system":"epss","scoring_elements":"0.9495","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1628","scoring_system":"epss","scoring_elements":"0.94958","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36023"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:52:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36023","reference_id":"CVE-2021-36023","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36023"},{"reference_url":"https://github.com/advisories/GHSA-8cjg-f53m-8m9q","reference_id":"GHSA-8cjg-f53m-8m9q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8cjg-f53m-8m9q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36023","GHSA-8cjg-f53m-8m9q"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nn21-hf8r-ykfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111183?format=json","vulnerability_id":"VCID-p1py-xewy-7khn","summary":"Magento XML Injection vulnerability in the Widgets Module\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36033","reference_id":"","reference_type":"","scores":[{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93688","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36033"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36033","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36033"},{"reference_url":"https://github.com/advisories/GHSA-p746-qw73-qmmx","reference_id":"GHSA-p746-qw73-qmmx","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p746-qw73-qmmx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36033","GHSA-p746-qw73-qmmx"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1py-xewy-7khn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112251?format=json","vulnerability_id":"VCID-p9qx-66yy-1kc1","summary":"Magento improper authorization vulnerability\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper authorization vulnerability. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36029","reference_id":"","reference_type":"","scores":[{"value":"0.0345","scoring_system":"epss","scoring_elements":"0.87729","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0345","scoring_system":"epss","scoring_elements":"0.87751","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36029"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36029","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36029"},{"reference_url":"https://github.com/advisories/GHSA-m8wx-whpp-q283","reference_id":"GHSA-m8wx-whpp-q283","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m8wx-whpp-q283"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36029","GHSA-m8wx-whpp-q283"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9qx-66yy-1kc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111336?format=json","vulnerability_id":"VCID-pm85-dfg2-euep","summary":"Magento executes code via the API File Option Upload Extension\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36042","reference_id":"","reference_type":"","scores":[{"value":"0.04108","scoring_system":"epss","scoring_elements":"0.888","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04108","scoring_system":"epss","scoring_elements":"0.88817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36042"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36042","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36042"},{"reference_url":"https://github.com/advisories/GHSA-6cwv-wj7v-73xp","reference_id":"GHSA-6cwv-wj7v-73xp","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6cwv-wj7v-73xp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36042","GHSA-6cwv-wj7v-73xp"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pm85-dfg2-euep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112402?format=json","vulnerability_id":"VCID-rgnq-s54v-vkdm","summary":"Magento has an XML Injection vulnerability\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36028","reference_id":"","reference_type":"","scores":[{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11326","scoring_system":"epss","scoring_elements":"0.93688","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36028"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36028","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36028"},{"reference_url":"https://github.com/advisories/GHSA-5pjj-7fq8-9gpf","reference_id":"GHSA-5pjj-7fq8-9gpf","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5pjj-7fq8-9gpf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36028","GHSA-5pjj-7fq8-9gpf"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgnq-s54v-vkdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111364?format=json","vulnerability_id":"VCID-w42y-yc7r-kqhp","summary":"Magento stored cross-site scripting vulnerability in the customer address upload feature\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability in the customer address upload feature that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36026","reference_id":"","reference_type":"","scores":[{"value":"0.01528","scoring_system":"epss","scoring_elements":"0.81624","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01528","scoring_system":"epss","scoring_elements":"0.81654","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36026"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36026","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36026"},{"reference_url":"https://github.com/advisories/GHSA-8gfq-m4cf-w975","reference_id":"GHSA-8gfq-m4cf-w975","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8gfq-m4cf-w975"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36026","GHSA-8gfq-m4cf-w975"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w42y-yc7r-kqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112277?format=json","vulnerability_id":"VCID-wh14-k3ex-pubq","summary":"Magento affected by a business logic error in the placeOrder graphql mutation\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36012","reference_id":"","reference_type":"","scores":[{"value":"0.00792","scoring_system":"epss","scoring_elements":"0.74277","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00792","scoring_system":"epss","scoring_elements":"0.7431","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36012"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36012","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36012"},{"reference_url":"https://github.com/advisories/GHSA-3f97-7pgv-gmgr","reference_id":"GHSA-3f97-7pgv-gmgr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3f97-7pgv-gmgr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36012","GHSA-3f97-7pgv-gmgr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wh14-k3ex-pubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111390?format=json","vulnerability_id":"VCID-ze8y-4wfs-hbf9","summary":"Magento is affected by an improper authorization vulnerability\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper authorization vulnerability. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36037","reference_id":"","reference_type":"","scores":[{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76019","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76044","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36037"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36037","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36037"},{"reference_url":"https://github.com/advisories/GHSA-vrq2-w7r7-3fp2","reference_id":"GHSA-vrq2-w7r7-3fp2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vrq2-w7r7-3fp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66777?format=json","purl":"pkg:composer/magento/community-edition@2.3.7-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/274968?format=json","purl":"pkg:composer/magento/community-edition@2.4.0-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66778?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66997?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}],"aliases":["CVE-2021-36037","GHSA-vrq2-w7r7-3fp2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze8y-4wfs-hbf9"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1"}