{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.6-p7","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.6-p9","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56632?format=json","vulnerability_id":"VCID-2vsw-t8k2-4bfm","summary":"Adobe Commerce Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11  and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34796","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34742","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34777","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34813","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409","reference_id":"CVE-2025-24409","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409"},{"reference_url":"https://github.com/advisories/GHSA-vw47-79jv-3598","reference_id":"GHSA-vw47-79jv-3598","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vw47-79jv-3598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24409","GHSA-vw47-79jv-3598"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56639?format=json","vulnerability_id":"VCID-6tx4-wexr-fkbb","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35712","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35641","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35723","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437","reference_id":"CVE-2025-24437","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437"},{"reference_url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv","reference_id":"GHSA-469f-wf4f-3jjv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24437","GHSA-469f-wf4f-3jjv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55986?format=json","vulnerability_id":"VCID-7pr7-uqp1-sugt","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24153","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24211","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24266","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130","reference_id":"CVE-2024-45130","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130"},{"reference_url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576","reference_id":"GHSA-v3v6-jfvw-m576","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45130","GHSA-v3v6-jfvw-m576"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55982?format=json","vulnerability_id":"VCID-7s3w-8dn6-jqh7","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26962","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2687","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26924","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124","reference_id":"CVE-2024-45124","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124"},{"reference_url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv","reference_id":"GHSA-w3p2-pc3h-69wv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45124","GHSA-w3p2-pc3h-69wv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-7s74-rdkp-vyaf","summary":"Magento Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35306","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35346","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35382","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421","reference_id":"CVE-2025-24421","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421"},{"reference_url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr","reference_id":"GHSA-v6r2-425c-hfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24421","GHSA-v6r2-425c-hfrr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-8hx4-r8bb-n7ge","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77594","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77583","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77595","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77603","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428","reference_id":"CVE-2025-24428","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428"},{"reference_url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr","reference_id":"GHSA-mm87-rrqx-94cr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24428","GHSA-mm87-rrqx-94cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56625?format=json","vulnerability_id":"VCID-8ky6-w2nk-9bds","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28955","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28848","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28883","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28919","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411","reference_id":"CVE-2025-24411","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411"},{"reference_url":"https://github.com/advisories/GHSA-36hw-x3cc-m258","reference_id":"GHSA-36hw-x3cc-m258","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-36hw-x3cc-m258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24411","GHSA-36hw-x3cc-m258"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56631?format=json","vulnerability_id":"VCID-a9b6-tenb-afdw","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416","reference_id":"CVE-2025-24416","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416"},{"reference_url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9","reference_id":"GHSA-rjjw-g6hw-7pc9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24416","GHSA-rjjw-g6hw-7pc9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-b3cn-pjp3-4yhm","summary":"Magento Business Logic Error vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47971","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48018","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425","reference_id":"CVE-2025-24425","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425"},{"reference_url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh","reference_id":"GHSA-6ff8-jrfg-43hh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24425","GHSA-6ff8-jrfg-43hh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55994?format=json","vulnerability_id":"VCID-bch8-kq49-skhm","summary":"Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79677","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79662","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79673","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123","reference_id":"CVE-2024-45123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123"},{"reference_url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc","reference_id":"GHSA-88x2-cq34-5fwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45123","GHSA-88x2-cq34-5fwc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56643?format=json","vulnerability_id":"VCID-d6mk-hg8h-7qbc","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27651","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27699","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27737","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432","reference_id":"CVE-2025-24432","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432"},{"reference_url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47","reference_id":"GHSA-7jmr-43qj-pw47","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24432","GHSA-7jmr-43qj-pw47"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55989?format=json","vulnerability_id":"VCID-eahe-s41f-ckc1","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116","reference_id":"","reference_type":"","scores":[{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83293","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83281","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83289","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116","reference_id":"CVE-2024-45116","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116"},{"reference_url":"https://github.com/advisories/GHSA-873m-72g6-853g","reference_id":"GHSA-873m-72g6-853g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-873m-72g6-853g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45116","GHSA-873m-72g6-853g"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55998?format=json","vulnerability_id":"VCID-evth-swm9-k3de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24931","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24874","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121","reference_id":"CVE-2024-45121","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121"},{"reference_url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg","reference_id":"GHSA-2qhq-fw98-h6wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45121","GHSA-2qhq-fw98-h6wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56628?format=json","vulnerability_id":"VCID-fz5y-um7w-63f4","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.831","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.83089","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.83096","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410","reference_id":"CVE-2025-24410","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410"},{"reference_url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q","reference_id":"GHSA-gjxp-46rq-wg4q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24410","GHSA-gjxp-46rq-wg4q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-gedj-39p5-ubd6","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413","reference_id":"CVE-2025-24413","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413"},{"reference_url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j","reference_id":"GHSA-xwgx-8v72-4j5j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24413","GHSA-xwgx-8v72-4j5j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55993?format=json","vulnerability_id":"VCID-gxj9-a1hc-47de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24931","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24874","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118","reference_id":"CVE-2024-45118","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118"},{"reference_url":"https://github.com/advisories/GHSA-cg52-68fv-94qq","reference_id":"GHSA-cg52-68fv-94qq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg52-68fv-94qq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45118","GHSA-cg52-68fv-94qq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56622?format=json","vulnerability_id":"VCID-hbau-7tvg-cygz","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39688","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39633","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39685","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429","reference_id":"CVE-2025-24429","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429"},{"reference_url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv","reference_id":"GHSA-656q-fx2w-8ccv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24429","GHSA-656q-fx2w-8ccv"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56645?format=json","vulnerability_id":"VCID-jr49-4fs3-8qcp","summary":"Improper Authorization vulnerability in Magento and Adobe Commerce\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44087","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44035","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44071","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44095","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434","reference_id":"CVE-2025-24434","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434"},{"reference_url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c","reference_id":"GHSA-fppq-f2m6-xv5c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24434","GHSA-fppq-f2m6-xv5c"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55980?format=json","vulnerability_id":"VCID-kje4-asu6-dfg2","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24153","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24211","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24266","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129","reference_id":"CVE-2024-45129","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129"},{"reference_url":"https://github.com/advisories/GHSA-m58h-998x-66f3","reference_id":"GHSA-m58h-998x-66f3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58h-998x-66f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45129","GHSA-m58h-998x-66f3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56626?format=json","vulnerability_id":"VCID-mhvf-2keh-2qar","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417","reference_id":"CVE-2025-24417","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417"},{"reference_url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2","reference_id":"GHSA-g3j6-9753-8mp2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24417","GHSA-g3j6-9753-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-mjb6-7au8-5fdx","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414","reference_id":"CVE-2025-24414","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414"},{"reference_url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv","reference_id":"GHSA-fhw6-3mj5-w9gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24414","GHSA-fhw6-3mj5-w9gv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55991?format=json","vulnerability_id":"VCID-ns8t-vtcn-aqh4","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3378","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33813","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33847","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149","reference_id":"CVE-2024-45149","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149"},{"reference_url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw","reference_id":"GHSA-w7rg-7wq2-pjrw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45149","GHSA-w7rg-7wq2-pjrw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55997?format=json","vulnerability_id":"VCID-qgpx-hgzu-5qgp","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30489","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30427","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.3046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122","reference_id":"CVE-2024-45122","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122"},{"reference_url":"https://github.com/advisories/GHSA-46fm-x82m-5f74","reference_id":"GHSA-46fm-x82m-5f74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46fm-x82m-5f74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45122","GHSA-46fm-x82m-5f74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56623?format=json","vulnerability_id":"VCID-qp7s-amch-v3cd","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40424","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40453","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4048","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435","reference_id":"CVE-2025-24435","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435"},{"reference_url":"https://github.com/advisories/GHSA-82p4-55gj-956p","reference_id":"GHSA-82p4-55gj-956p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-82p4-55gj-956p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24435","GHSA-82p4-55gj-956p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56642?format=json","vulnerability_id":"VCID-qzqd-271b-ybfj","summary":"Magento Information Exposure vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59659","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59634","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59653","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59662","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408","reference_id":"CVE-2025-24408","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408"},{"reference_url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8","reference_id":"GHSA-3cfg-w257-cgf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24408","GHSA-3cfg-w257-cgf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56633?format=json","vulnerability_id":"VCID-r4bw-w4t9-23ek","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40424","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40453","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4048","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427","reference_id":"CVE-2025-24427","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427"},{"reference_url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg","reference_id":"GHSA-v3hq-g424-5mgg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24427","GHSA-v3hq-g424-5mgg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55978?format=json","vulnerability_id":"VCID-rduw-apr6-4fdu","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34459","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.3438","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34443","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135","reference_id":"CVE-2024-45135","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135"},{"reference_url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww","reference_id":"GHSA-8pxg-gcp4-57ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45135","GHSA-8pxg-gcp4-57ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56630?format=json","vulnerability_id":"VCID-re84-qg3k-3ub3","summary":"Adobe Commerce Path Traversal\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4666","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46615","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46643","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46663","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406","reference_id":"CVE-2025-24406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406"},{"reference_url":"https://github.com/advisories/GHSA-954p-ff72-327w","reference_id":"GHSA-954p-ff72-327w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-954p-ff72-327w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24406","GHSA-954p-ff72-327w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55988?format=json","vulnerability_id":"VCID-rxac-w9pd-aqe1","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32388","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3232","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3235","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3242","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131","reference_id":"CVE-2024-45131","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131"},{"reference_url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm","reference_id":"GHSA-xc5p-773w-m3pm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45131","GHSA-xc5p-773w-m3pm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56635?format=json","vulnerability_id":"VCID-s4bp-kzfu-8qfy","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412","reference_id":"CVE-2025-24412","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412"},{"reference_url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px","reference_id":"GHSA-m4rg-mpp2-97px","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24412","GHSA-m4rg-mpp2-97px"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-scg7-ugdn-53b9","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45292","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45248","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45275","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45295","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424","reference_id":"CVE-2025-24424","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424"},{"reference_url":"https://github.com/advisories/GHSA-539v-w87w-w62c","reference_id":"GHSA-539v-w87w-w62c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-539v-w87w-w62c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24424","GHSA-539v-w87w-w62c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56624?format=json","vulnerability_id":"VCID-te3b-exz5-zke1","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80246","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8025","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415","reference_id":"CVE-2025-24415","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415"},{"reference_url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r","reference_id":"GHSA-gc27-rvvm-q77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24415","GHSA-gc27-rvvm-q77r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56627?format=json","vulnerability_id":"VCID-tvz9-8s4d-gbg6","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27651","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27699","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27737","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430","reference_id":"CVE-2025-24430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430"},{"reference_url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq","reference_id":"GHSA-6w27-c66f-gvhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24430","GHSA-6w27-c66f-gvhq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55992?format=json","vulnerability_id":"VCID-txb3-ez5r-r7ek","summary":"Magento Open Source Improper Input Validation vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49641","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49623","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117","reference_id":"CVE-2024-45117","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117"},{"reference_url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g","reference_id":"GHSA-3fr3-gcqh-3m2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45117","GHSA-3fr3-gcqh-3m2g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55985?format=json","vulnerability_id":"VCID-ugyc-gehq-rudu","summary":"Magento Open Source Incorrect Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21314","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2119","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21253","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.213","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125","reference_id":"CVE-2024-45125","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125"},{"reference_url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh","reference_id":"GHSA-xg36-8c2v-jpxh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45125","GHSA-xg36-8c2v-jpxh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55979?format=json","vulnerability_id":"VCID-vu36-a1g1-nugt","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32324","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32256","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32286","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32354","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132","reference_id":"CVE-2024-45132","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132"},{"reference_url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm","reference_id":"GHSA-5f64-ppmg-cvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45132","GHSA-5f64-ppmg-cvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55996?format=json","vulnerability_id":"VCID-vx13-4b1d-wbgp","summary":"Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22557","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22459","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22508","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2257","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120","reference_id":"CVE-2024-45120","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120"},{"reference_url":"https://github.com/advisories/GHSA-47jp-46c9-25vf","reference_id":"GHSA-47jp-46c9-25vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47jp-46c9-25vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45120","GHSA-47jp-46c9-25vf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55990?format=json","vulnerability_id":"VCID-wvyx-2bbb-9yf7","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28675","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28604","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28638","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133","reference_id":"CVE-2024-45133","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133"},{"reference_url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg","reference_id":"GHSA-j3mh-wx5f-2vhg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45133","GHSA-j3mh-wx5f-2vhg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55981?format=json","vulnerability_id":"VCID-xk5y-7a1w-zba9","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57698","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57711","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.5772","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119","reference_id":"CVE-2024-45119","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119"},{"reference_url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj","reference_id":"GHSA-g9fm-wc6h-pvgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45119","GHSA-g9fm-wc6h-pvgj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56640?format=json","vulnerability_id":"VCID-xsq8-ztqh-ubb8","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89292","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89291","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89293","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438","reference_id":"CVE-2025-24438","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438"},{"reference_url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4","reference_id":"GHSA-8884-7rm9-mrx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24438","GHSA-8884-7rm9-mrx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55987?format=json","vulnerability_id":"VCID-y1v3-9tyq-uqhd","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30677","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30579","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3061","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30643","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134","reference_id":"CVE-2024-45134","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134"},{"reference_url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g","reference_id":"GHSA-4f89-5cwm-rm5g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45134","GHSA-4f89-5cwm-rm5g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56641?format=json","vulnerability_id":"VCID-y7x4-664r-3fbk","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35306","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35346","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35382","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436","reference_id":"CVE-2025-24436","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436"},{"reference_url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8","reference_id":"GHSA-ghpr-6qhr-rpp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24436","GHSA-ghpr-6qhr-rpp8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55983?format=json","vulnerability_id":"VCID-z2v2-n138-6ydv","summary":"Magento Open Source stored Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127","reference_id":"","reference_type":"","scores":[{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83545","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83532","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83541","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127","reference_id":"CVE-2024-45127","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127"},{"reference_url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2","reference_id":"GHSA-c89g-gq5r-2xw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45127","GHSA-c89g-gq5r-2xw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55995?format=json","vulnerability_id":"VCID-zdpz-8tc2-6kah","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13977","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13854","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1394","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13975","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128","reference_id":"CVE-2024-45128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128"},{"reference_url":"https://github.com/advisories/GHSA-qpp7-742q-58j3","reference_id":"GHSA-qpp7-742q-58j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpp7-742q-58j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45128","GHSA-qpp7-742q-58j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55685?format=json","vulnerability_id":"VCID-3zcy-b3th-ukhd","summary":"Magento Improper Access Control Leads to Privilege escalation\nAdobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46298","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46324","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46344","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46342","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419","reference_id":"CVE-2024-39419","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419"},{"reference_url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v","reference_id":"GHSA-74w7-cr4v-wf2v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39419","GHSA-74w7-cr4v-wf2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zcy-b3th-ukhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55687?format=json","vulnerability_id":"VCID-5gxr-xksz-5ydb","summary":"Magento Improper Authorization leads to security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.5417","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54193","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54204","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411","reference_id":"CVE-2024-39411","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411"},{"reference_url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq","reference_id":"GHSA-qm77-mqf3-fmhq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39411","GHSA-qm77-mqf3-fmhq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5gxr-xksz-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55695?format=json","vulnerability_id":"VCID-6t9w-cnkz-s3c3","summary":"Magento DOM-based Cross-Site Scripting (XSS) vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link. Confidentiality and integrity impact is high as it affects other admin accounts.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39400","reference_id":"","reference_type":"","scores":[{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81304","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.8131","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81307","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39400"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39400","reference_id":"CVE-2024-39400","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39400"},{"reference_url":"https://github.com/advisories/GHSA-52fg-wjxm-pp44","reference_id":"GHSA-52fg-wjxm-pp44","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-52fg-wjxm-pp44"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39400","GHSA-52fg-wjxm-pp44"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6t9w-cnkz-s3c3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55682?format=json","vulnerability_id":"VCID-7hrm-jtbx-sqgm","summary":"Magento OS Command ('OS Command Injection') vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39402","reference_id":"","reference_type":"","scores":[{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86005","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86016","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86017","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39402"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:09Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39402","reference_id":"CVE-2024-39402","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39402"},{"reference_url":"https://github.com/advisories/GHSA-2ff6-837j-hg5x","reference_id":"GHSA-2ff6-837j-hg5x","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2ff6-837j-hg5x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39402","GHSA-2ff6-837j-hg5x"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hrm-jtbx-sqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55679?format=json","vulnerability_id":"VCID-8msu-s38a-p7e3","summary":"Magento Path Traversal vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39399","reference_id":"","reference_type":"","scores":[{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75112","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75125","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75133","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.7513","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39399"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T14:09:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39399","reference_id":"CVE-2024-39399","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39399"},{"reference_url":"https://github.com/advisories/GHSA-7r99-8wqp-h7pc","reference_id":"GHSA-7r99-8wqp-h7pc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7r99-8wqp-h7pc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39399","GHSA-7r99-8wqp-h7pc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8msu-s38a-p7e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55694?format=json","vulnerability_id":"VCID-9cc9-npdc-8bac","summary":"Magento Stored Cross-Site Scripting (XSS) vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality impact is high due to the attacker being able to exfiltrate sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39403","reference_id":"","reference_type":"","scores":[{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86413","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86425","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86429","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39403"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39403","reference_id":"CVE-2024-39403","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39403"},{"reference_url":"https://github.com/advisories/GHSA-mmp7-8cg4-9wrg","reference_id":"GHSA-mmp7-8cg4-9wrg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mmp7-8cg4-9wrg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39403","GHSA-mmp7-8cg4-9wrg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cc9-npdc-8bac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55677?format=json","vulnerability_id":"VCID-9vrt-uccb-myev","summary":"Magento Improper Authorization Leading to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.5417","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54193","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54204","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415","reference_id":"CVE-2024-39415","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415"},{"reference_url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq","reference_id":"GHSA-gj93-84g5-mcjq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39415","GHSA-gj93-84g5-mcjq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vrt-uccb-myev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55675?format=json","vulnerability_id":"VCID-a8gs-ervm-e3hm","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39407","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47784","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47814","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47831","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47829","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39407"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39407","reference_id":"CVE-2024-39407","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39407"},{"reference_url":"https://github.com/advisories/GHSA-cjm6-8mw8-2f8c","reference_id":"GHSA-cjm6-8mw8-2f8c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cjm6-8mw8-2f8c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39407","GHSA-cjm6-8mw8-2f8c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8gs-ervm-e3hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55691?format=json","vulnerability_id":"VCID-agtm-nkhp-dkdn","summary":"Magento does not properly restrict excessive authentication attempts\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform brute force attacks and potentially gain unauthorized access to accounts. Exploitation of this issue does not require user interaction, but attack complexity is high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39398","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47006","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47035","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47053","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.4705","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39398"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39398","reference_id":"CVE-2024-39398","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39398"},{"reference_url":"https://github.com/advisories/GHSA-q628-54wg-4r5q","reference_id":"GHSA-q628-54wg-4r5q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q628-54wg-4r5q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39398","GHSA-q628-54wg-4r5q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-agtm-nkhp-dkdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55686?format=json","vulnerability_id":"VCID-b9ry-u6qy-j7cc","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.5417","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54193","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54204","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417","reference_id":"CVE-2024-39417","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417"},{"reference_url":"https://github.com/advisories/GHSA-4xmj-f664-hv98","reference_id":"GHSA-4xmj-f664-hv98","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xmj-f664-hv98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39417","GHSA-4xmj-f664-hv98"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ry-u6qy-j7cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55688?format=json","vulnerability_id":"VCID-bkpz-ratd-e7ab","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66977","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6701","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410","reference_id":"CVE-2024-39410","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410"},{"reference_url":"https://github.com/advisories/GHSA-4323-f82v-f6jr","reference_id":"GHSA-4323-f82v-f6jr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4323-f82v-f6jr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39410","GHSA-4323-f82v-f6jr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkpz-ratd-e7ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55699?format=json","vulnerability_id":"VCID-cc8x-6es1-8kc5","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39413","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.5417","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54193","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54204","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39413","reference_id":"CVE-2024-39413","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39413"},{"reference_url":"https://github.com/advisories/GHSA-8w5f-8992-g86j","reference_id":"GHSA-8w5f-8992-g86j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8w5f-8992-g86j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39413","GHSA-8w5f-8992-g86j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cc8x-6es1-8kc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55689?format=json","vulnerability_id":"VCID-cqjn-3z6n-sff1","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55339","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55358","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.5537","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416","reference_id":"CVE-2024-39416","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416"},{"reference_url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5","reference_id":"GHSA-4xgg-rw35-7mv5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39416","GHSA-4xgg-rw35-7mv5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjn-3z6n-sff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55684?format=json","vulnerability_id":"VCID-dpgz-dacm-sqg6","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39418","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56081","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56098","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56111","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56106","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39418"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39418","reference_id":"CVE-2024-39418","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39418"},{"reference_url":"https://github.com/advisories/GHSA-gvgf-pvh5-vjh4","reference_id":"GHSA-gvgf-pvh5-vjh4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gvgf-pvh5-vjh4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39418","GHSA-gvgf-pvh5-vjh4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpgz-dacm-sqg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55700?format=json","vulnerability_id":"VCID-du16-f2wp-t3cw","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50532","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50563","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50582","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50575","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412","reference_id":"CVE-2024-39412","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412"},{"reference_url":"https://github.com/advisories/GHSA-7472-vw39-g2j3","reference_id":"GHSA-7472-vw39-g2j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7472-vw39-g2j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39412","GHSA-7472-vw39-g2j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du16-f2wp-t3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55681?format=json","vulnerability_id":"VCID-e9zx-zy9y-2fcp","summary":"Magento OS Command ('OS Command Injection') vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39401","reference_id":"","reference_type":"","scores":[{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86005","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86016","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.8602","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86017","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39401"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39401","reference_id":"CVE-2024-39401","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39401"},{"reference_url":"https://github.com/advisories/GHSA-8frp-pxq2-3gpq","reference_id":"GHSA-8frp-pxq2-3gpq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8frp-pxq2-3gpq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39401","GHSA-8frp-pxq2-3gpq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9zx-zy9y-2fcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55678?format=json","vulnerability_id":"VCID-kezx-5nw5-hfen","summary":"Magento Improper Access Control Leads to Privilege escalation\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55339","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55358","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.5537","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414","reference_id":"CVE-2024-39414","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414"},{"reference_url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4","reference_id":"GHSA-x6f9-hv9r-fgq4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39414","GHSA-x6f9-hv9r-fgq4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kezx-5nw5-hfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55676?format=json","vulnerability_id":"VCID-kuzc-uv5b-v7an","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66977","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6701","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409","reference_id":"CVE-2024-39409","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409"},{"reference_url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r","reference_id":"GHSA-rf4q-m23c-7q8r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39409","GHSA-rf4q-m23c-7q8r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzc-uv5b-v7an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55683?format=json","vulnerability_id":"VCID-m5z8-hz81-j7b7","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39405","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46298","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46324","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46344","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46342","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39405"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:21Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39405","reference_id":"CVE-2024-39405","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39405"},{"reference_url":"https://github.com/advisories/GHSA-5g9f-7gqc-8hj4","reference_id":"GHSA-5g9f-7gqc-8hj4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5g9f-7gqc-8hj4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39405","GHSA-5g9f-7gqc-8hj4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5z8-hz81-j7b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55697?format=json","vulnerability_id":"VCID-qj4x-u7gx-9uf1","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39404","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47784","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47814","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47831","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47829","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39404"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:52Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39404","reference_id":"CVE-2024-39404","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39404"},{"reference_url":"https://github.com/advisories/GHSA-qrh3-vxjg-h9h6","reference_id":"GHSA-qrh3-vxjg-h9h6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qrh3-vxjg-h9h6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39404","GHSA-qrh3-vxjg-h9h6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qj4x-u7gx-9uf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55692?format=json","vulnerability_id":"VCID-shfz-pxan-v3ar","summary":"Magento Open Source Cross-Site Request Forgery vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66977","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6701","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408","reference_id":"CVE-2024-39408","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408"},{"reference_url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx","reference_id":"GHSA-4cj6-f32v-6hgx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39408","GHSA-4cj6-f32v-6hgx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shfz-pxan-v3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55696?format=json","vulnerability_id":"VCID-y4u6-cy8y-hyae","summary":"Magento Open Source Path Traversal vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406","reference_id":"","reference_type":"","scores":[{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.7632","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76303","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76313","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76318","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406","reference_id":"CVE-2024-39406","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406"},{"reference_url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5","reference_id":"GHSA-6pxh-2557-5cj5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39406","GHSA-6pxh-2557-5cj5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4u6-cy8y-hyae"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"}