{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.5-p10","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.6-p13","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57823?format=json","vulnerability_id":"VCID-1jsp-392b-2fgb","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558","reference_id":"","reference_type":"","scores":[{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66592","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558","reference_id":"CVE-2025-49558","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558"},{"reference_url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj","reference_id":"GHSA-wcmw-8xpp-rwfj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49558","GHSA-wcmw-8xpp-rwfj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1jsp-392b-2fgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56632?format=json","vulnerability_id":"VCID-2vsw-t8k2-4bfm","summary":"Adobe Commerce Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11  and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409","reference_id":"CVE-2025-24409","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409"},{"reference_url":"https://github.com/advisories/GHSA-vw47-79jv-3598","reference_id":"GHSA-vw47-79jv-3598","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vw47-79jv-3598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24409","GHSA-vw47-79jv-3598"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57442?format=json","vulnerability_id":"VCID-3g5s-hryc-5qa9","summary":"Magneto contains stored XSS vulnerability\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110","reference_id":"","reference_type":"","scores":[{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72632","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110","reference_id":"CVE-2025-47110","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110"},{"reference_url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r","reference_id":"GHSA-j934-vjh5-vf9r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/85398?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-47110","GHSA-j934-vjh5-vf9r"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5s-hryc-5qa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57444?format=json","vulnerability_id":"VCID-4dae-vty8-b7hk","summary":"Magento Improper Access Control leads to security feature bypass\nAdobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206","reference_id":"","reference_type":"","scores":[{"value":"0.00706","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206","reference_id":"CVE-2025-27206","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206"},{"reference_url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q","reference_id":"GHSA-g2pj-xmxq-3r9q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-27206","GHSA-g2pj-xmxq-3r9q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dae-vty8-b7hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57531?format=json","vulnerability_id":"VCID-6p6q-ctya-q3bv","summary":"Magento Authenticated Security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549","reference_id":"","reference_type":"","scores":[{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66971","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549","reference_id":"CVE-2025-49549","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549"},{"reference_url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2","reference_id":"GHSA-85jx-x9r4-45m2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49549","GHSA-85jx-x9r4-45m2"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6p6q-ctya-q3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56639?format=json","vulnerability_id":"VCID-6tx4-wexr-fkbb","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437","reference_id":"CVE-2025-24437","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437"},{"reference_url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv","reference_id":"GHSA-469f-wf4f-3jjv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24437","GHSA-469f-wf4f-3jjv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-7s74-rdkp-vyaf","summary":"Magento Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421","reference_id":"CVE-2025-24421","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421"},{"reference_url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr","reference_id":"GHSA-v6r2-425c-hfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24421","GHSA-v6r2-425c-hfrr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-8hx4-r8bb-n7ge","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77594","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428","reference_id":"CVE-2025-24428","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428"},{"reference_url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr","reference_id":"GHSA-mm87-rrqx-94cr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24428","GHSA-mm87-rrqx-94cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56625?format=json","vulnerability_id":"VCID-8ky6-w2nk-9bds","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28955","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411","reference_id":"CVE-2025-24411","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411"},{"reference_url":"https://github.com/advisories/GHSA-36hw-x3cc-m258","reference_id":"GHSA-36hw-x3cc-m258","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-36hw-x3cc-m258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24411","GHSA-36hw-x3cc-m258"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57107?format=json","vulnerability_id":"VCID-8shb-t5zp-rqbu","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190","reference_id":"CVE-2025-27190","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190"},{"reference_url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q","reference_id":"GHSA-6wq7-cg9h-mj6q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27190","GHSA-6wq7-cg9h-mj6q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8shb-t5zp-rqbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56631?format=json","vulnerability_id":"VCID-a9b6-tenb-afdw","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416","reference_id":"CVE-2025-24416","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416"},{"reference_url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9","reference_id":"GHSA-rjjw-g6hw-7pc9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24416","GHSA-rjjw-g6hw-7pc9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-b3cn-pjp3-4yhm","summary":"Magento Business Logic Error vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425","reference_id":"CVE-2025-24425","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425"},{"reference_url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh","reference_id":"GHSA-6ff8-jrfg-43hh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24425","GHSA-6ff8-jrfg-43hh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48026?format=json","vulnerability_id":"VCID-cafy-5dd8-rudj","summary":"Magento allows incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29548","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265","reference_id":"CVE-2025-54265","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265"},{"reference_url":"https://github.com/advisories/GHSA-r355-75hw-r8jf","reference_id":"GHSA-r355-75hw-r8jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r355-75hw-r8jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54265","GHSA-r355-75hw-r8jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cafy-5dd8-rudj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58128?format=json","vulnerability_id":"VCID-ccx1-qacj-2qev","summary":"Magento Community Edition Improper Input Validation vulnerability\nAdobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"0.72152","scoring_system":"epss","scoring_elements":"0.98771","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236"},{"reference_url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236","reference_id":"CVE-2025-54236","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236"},{"reference_url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento","reference_id":"CVE-2025-54236-SESSIONREAPER-UNAUTHENTICATED-RCE-IN-MAGENTO","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento"},{"reference_url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j","reference_id":"GHSA-wh92-6q6g-px7j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64407?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66493?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2"}],"aliases":["CVE-2025-54236","GHSA-wh92-6q6g-px7j"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccx1-qacj-2qev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57822?format=json","vulnerability_id":"VCID-cm2a-1yc5-v3cy","summary":"Magento has incorrect authorization issue that leads to arbitrary file system read\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556","reference_id":"","reference_type":"","scores":[{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50269","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556","reference_id":"CVE-2025-49556","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556"},{"reference_url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h","reference_id":"GHSA-7hrj-3c9x-xv5h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49556","GHSA-7hrj-3c9x-xv5h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm2a-1yc5-v3cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56643?format=json","vulnerability_id":"VCID-d6mk-hg8h-7qbc","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432","reference_id":"CVE-2025-24432","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432"},{"reference_url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47","reference_id":"GHSA-7jmr-43qj-pw47","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24432","GHSA-7jmr-43qj-pw47"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48032?format=json","vulnerability_id":"VCID-dj5a-35gt-u7dn","summary":"Magento vulnerable to privilege escalation due to incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267","reference_id":"CVE-2025-54267","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267"},{"reference_url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf","reference_id":"GHSA-qvwr-p3hj-j6jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54267","GHSA-qvwr-p3hj-j6jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5a-35gt-u7dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57095?format=json","vulnerability_id":"VCID-egy6-nku7-zyap","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191","reference_id":"CVE-2025-27191","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191"},{"reference_url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2","reference_id":"GHSA-vhcq-4xrm-2cr2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27191","GHSA-vhcq-4xrm-2cr2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egy6-nku7-zyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57814?format=json","vulnerability_id":"VCID-eygc-ra9u-gyej","summary":"Magento Cross-Site Request Forgery (CSRF) vulnerability\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2931","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555","reference_id":"CVE-2025-49555","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555"},{"reference_url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw","reference_id":"GHSA-5777-jj7p-mpqw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49555","GHSA-5777-jj7p-mpqw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eygc-ra9u-gyej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56628?format=json","vulnerability_id":"VCID-fz5y-um7w-63f4","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410","reference_id":"CVE-2025-24410","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410"},{"reference_url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q","reference_id":"GHSA-gjxp-46rq-wg4q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24410","GHSA-gjxp-46rq-wg4q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57819?format=json","vulnerability_id":"VCID-fzm9-e6bg-r7aw","summary":"Magento Cross-site Scripting vulnerability\nAdobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. These scripts may be used to escalate privileges within the application or compromise sensitive user data. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24233","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557","reference_id":"CVE-2025-49557","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557"},{"reference_url":"https://github.com/advisories/GHSA-8mq8-c243-2335","reference_id":"GHSA-8mq8-c243-2335","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8mq8-c243-2335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49557","GHSA-8mq8-c243-2335"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fzm9-e6bg-r7aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-gedj-39p5-ubd6","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413","reference_id":"CVE-2025-24413","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413"},{"reference_url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j","reference_id":"GHSA-xwgx-8v72-4j5j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24413","GHSA-xwgx-8v72-4j5j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56622?format=json","vulnerability_id":"VCID-hbau-7tvg-cygz","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39685","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429","reference_id":"CVE-2025-24429","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429"},{"reference_url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv","reference_id":"GHSA-656q-fx2w-8ccv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24429","GHSA-656q-fx2w-8ccv"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57100?format=json","vulnerability_id":"VCID-j6ss-8f4e-e7g2","summary":"Magento does not properly protect credentials\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192","reference_id":"CVE-2025-27192","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192"},{"reference_url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx","reference_id":"GHSA-2r94-wm5v-4prx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27192","GHSA-2r94-wm5v-4prx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ss-8f4e-e7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56645?format=json","vulnerability_id":"VCID-jr49-4fs3-8qcp","summary":"Improper Authorization vulnerability in Magento and Adobe Commerce\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44087","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434","reference_id":"CVE-2025-24434","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434"},{"reference_url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c","reference_id":"GHSA-fppq-f2m6-xv5c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24434","GHSA-fppq-f2m6-xv5c"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57533?format=json","vulnerability_id":"VCID-md7v-w5aq-t7h1","summary":"Magento Security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64889","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550","reference_id":"CVE-2025-49550","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550"},{"reference_url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h","reference_id":"GHSA-8hcx-xvww-6c6h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49550","GHSA-8hcx-xvww-6c6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-w5aq-t7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56626?format=json","vulnerability_id":"VCID-mhvf-2keh-2qar","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417","reference_id":"CVE-2025-24417","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417"},{"reference_url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2","reference_id":"GHSA-g3j6-9753-8mp2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24417","GHSA-g3j6-9753-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-mjb6-7au8-5fdx","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414","reference_id":"CVE-2025-24414","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414"},{"reference_url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv","reference_id":"GHSA-fhw6-3mj5-w9gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24414","GHSA-fhw6-3mj5-w9gv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56623?format=json","vulnerability_id":"VCID-qp7s-amch-v3cd","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435","reference_id":"CVE-2025-24435","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435"},{"reference_url":"https://github.com/advisories/GHSA-82p4-55gj-956p","reference_id":"GHSA-82p4-55gj-956p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-82p4-55gj-956p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24435","GHSA-82p4-55gj-956p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48030?format=json","vulnerability_id":"VCID-qrwc-3gsb-zkfy","summary":"Magento provides incorrect authorization through a security feature bypass\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25983","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263","reference_id":"CVE-2025-54263","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263"},{"reference_url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8","reference_id":"GHSA-69x9-xp2j-w8g8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54263","GHSA-69x9-xp2j-w8g8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwc-3gsb-zkfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56642?format=json","vulnerability_id":"VCID-qzqd-271b-ybfj","summary":"Magento Information Exposure vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59659","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408","reference_id":"CVE-2025-24408","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408"},{"reference_url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8","reference_id":"GHSA-3cfg-w257-cgf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24408","GHSA-3cfg-w257-cgf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56633?format=json","vulnerability_id":"VCID-r4bw-w4t9-23ek","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427","reference_id":"CVE-2025-24427","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427"},{"reference_url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg","reference_id":"GHSA-v3hq-g424-5mgg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24427","GHSA-v3hq-g424-5mgg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56630?format=json","vulnerability_id":"VCID-re84-qg3k-3ub3","summary":"Adobe Commerce Path Traversal\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4666","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406","reference_id":"CVE-2025-24406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406"},{"reference_url":"https://github.com/advisories/GHSA-954p-ff72-327w","reference_id":"GHSA-954p-ff72-327w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-954p-ff72-327w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24406","GHSA-954p-ff72-327w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56635?format=json","vulnerability_id":"VCID-s4bp-kzfu-8qfy","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412","reference_id":"CVE-2025-24412","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412"},{"reference_url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px","reference_id":"GHSA-m4rg-mpp2-97px","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24412","GHSA-m4rg-mpp2-97px"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-scg7-ugdn-53b9","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424","reference_id":"CVE-2025-24424","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424"},{"reference_url":"https://github.com/advisories/GHSA-539v-w87w-w62c","reference_id":"GHSA-539v-w87w-w62c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-539v-w87w-w62c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24424","GHSA-539v-w87w-w62c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57435?format=json","vulnerability_id":"VCID-tc3m-4bkg-qkcf","summary":"Magento Improper Authorization leading to security feature bypass\nMagento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585","reference_id":"","reference_type":"","scores":[{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.6963","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585","reference_id":"CVE-2025-43585","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585"},{"reference_url":"https://github.com/advisories/GHSA-r487-9vv5-75gg","reference_id":"GHSA-r487-9vv5-75gg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r487-9vv5-75gg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85378?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/85377?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/85376?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/70852?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-43585","GHSA-r487-9vv5-75gg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3m-4bkg-qkcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56624?format=json","vulnerability_id":"VCID-te3b-exz5-zke1","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415","reference_id":"CVE-2025-24415","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415"},{"reference_url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r","reference_id":"GHSA-gc27-rvvm-q77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24415","GHSA-gc27-rvvm-q77r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48029?format=json","vulnerability_id":"VCID-th7y-aj51-mbaj","summary":"Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44021","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264","reference_id":"CVE-2025-54264","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264"},{"reference_url":"https://github.com/advisories/GHSA-2768-5wmv-cfff","reference_id":"GHSA-2768-5wmv-cfff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2768-5wmv-cfff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54264","GHSA-2768-5wmv-cfff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-th7y-aj51-mbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56627?format=json","vulnerability_id":"VCID-tvz9-8s4d-gbg6","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430","reference_id":"CVE-2025-24430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430"},{"reference_url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq","reference_id":"GHSA-6w27-c66f-gvhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24430","GHSA-6w27-c66f-gvhq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57816?format=json","vulnerability_id":"VCID-tzug-ckkn-dyft","summary":"Magento vulnerable to denial of service\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52681","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554","reference_id":"CVE-2025-49554","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554"},{"reference_url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr","reference_id":"GHSA-xgfm-992v-h2hr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49554","GHSA-xgfm-992v-h2hr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzug-ckkn-dyft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57821?format=json","vulnerability_id":"VCID-wzu6-rbsv-mkde","summary":"Magento vulnerable to path traversal\nMagento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559","reference_id":"","reference_type":"","scores":[{"value":"0.00589","scoring_system":"epss","scoring_elements":"0.69567","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559","reference_id":"CVE-2025-49559","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559"},{"reference_url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824","reference_id":"GHSA-h4f4-gv6h-x824","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86026?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/86025?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/86024?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/86023?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/86022?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49559","GHSA-h4f4-gv6h-x824"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzu6-rbsv-mkde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57099?format=json","vulnerability_id":"VCID-xfvu-2zg4-ruf6","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36319","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188","reference_id":"CVE-2025-27188","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188"},{"reference_url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86","reference_id":"GHSA-rr2g-rrjj-xw86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/70851?format=json","purl":"pkg:composer/magento/community-edition@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8"}],"aliases":["CVE-2025-27188","GHSA-rr2g-rrjj-xw86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfvu-2zg4-ruf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56640?format=json","vulnerability_id":"VCID-xsq8-ztqh-ubb8","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438","reference_id":"CVE-2025-24438","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438"},{"reference_url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4","reference_id":"GHSA-8884-7rm9-mrx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24438","GHSA-8884-7rm9-mrx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56641?format=json","vulnerability_id":"VCID-y7x4-664r-3fbk","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436","reference_id":"CVE-2025-24436","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436"},{"reference_url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8","reference_id":"GHSA-ghpr-6qhr-rpp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24436","GHSA-ghpr-6qhr-rpp8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48025?format=json","vulnerability_id":"VCID-yyq6-dvyx-3bb9","summary":"Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18183","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266","reference_id":"CVE-2025-54266","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266"},{"reference_url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5","reference_id":"GHSA-pcrx-r49h-x2w5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70856?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/70855?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/70854?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70853?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54266","GHSA-pcrx-r49h-x2w5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyq6-dvyx-3bb9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55986?format=json","vulnerability_id":"VCID-7pr7-uqp1-sugt","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130","reference_id":"CVE-2024-45130","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130"},{"reference_url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576","reference_id":"GHSA-v3v6-jfvw-m576","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45130","GHSA-v3v6-jfvw-m576"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55982?format=json","vulnerability_id":"VCID-7s3w-8dn6-jqh7","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124","reference_id":"CVE-2024-45124","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124"},{"reference_url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv","reference_id":"GHSA-w3p2-pc3h-69wv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45124","GHSA-w3p2-pc3h-69wv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55994?format=json","vulnerability_id":"VCID-bch8-kq49-skhm","summary":"Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123","reference_id":"CVE-2024-45123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123"},{"reference_url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc","reference_id":"GHSA-88x2-cq34-5fwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45123","GHSA-88x2-cq34-5fwc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55989?format=json","vulnerability_id":"VCID-eahe-s41f-ckc1","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116","reference_id":"","reference_type":"","scores":[{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116","reference_id":"CVE-2024-45116","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116"},{"reference_url":"https://github.com/advisories/GHSA-873m-72g6-853g","reference_id":"GHSA-873m-72g6-853g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-873m-72g6-853g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45116","GHSA-873m-72g6-853g"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55998?format=json","vulnerability_id":"VCID-evth-swm9-k3de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121","reference_id":"CVE-2024-45121","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121"},{"reference_url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg","reference_id":"GHSA-2qhq-fw98-h6wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45121","GHSA-2qhq-fw98-h6wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55993?format=json","vulnerability_id":"VCID-gxj9-a1hc-47de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118","reference_id":"CVE-2024-45118","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118"},{"reference_url":"https://github.com/advisories/GHSA-cg52-68fv-94qq","reference_id":"GHSA-cg52-68fv-94qq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg52-68fv-94qq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45118","GHSA-cg52-68fv-94qq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55980?format=json","vulnerability_id":"VCID-kje4-asu6-dfg2","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129","reference_id":"CVE-2024-45129","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129"},{"reference_url":"https://github.com/advisories/GHSA-m58h-998x-66f3","reference_id":"GHSA-m58h-998x-66f3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58h-998x-66f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45129","GHSA-m58h-998x-66f3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55991?format=json","vulnerability_id":"VCID-ns8t-vtcn-aqh4","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149","reference_id":"CVE-2024-45149","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149"},{"reference_url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw","reference_id":"GHSA-w7rg-7wq2-pjrw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45149","GHSA-w7rg-7wq2-pjrw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55997?format=json","vulnerability_id":"VCID-qgpx-hgzu-5qgp","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122","reference_id":"CVE-2024-45122","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122"},{"reference_url":"https://github.com/advisories/GHSA-46fm-x82m-5f74","reference_id":"GHSA-46fm-x82m-5f74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46fm-x82m-5f74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45122","GHSA-46fm-x82m-5f74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55978?format=json","vulnerability_id":"VCID-rduw-apr6-4fdu","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34443","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135","reference_id":"CVE-2024-45135","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135"},{"reference_url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww","reference_id":"GHSA-8pxg-gcp4-57ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45135","GHSA-8pxg-gcp4-57ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55988?format=json","vulnerability_id":"VCID-rxac-w9pd-aqe1","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3242","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131","reference_id":"CVE-2024-45131","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131"},{"reference_url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm","reference_id":"GHSA-xc5p-773w-m3pm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45131","GHSA-xc5p-773w-m3pm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55992?format=json","vulnerability_id":"VCID-txb3-ez5r-r7ek","summary":"Magento Open Source Improper Input Validation vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117","reference_id":"CVE-2024-45117","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117"},{"reference_url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g","reference_id":"GHSA-3fr3-gcqh-3m2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45117","GHSA-3fr3-gcqh-3m2g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55985?format=json","vulnerability_id":"VCID-ugyc-gehq-rudu","summary":"Magento Open Source Incorrect Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21314","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125","reference_id":"CVE-2024-45125","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125"},{"reference_url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh","reference_id":"GHSA-xg36-8c2v-jpxh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45125","GHSA-xg36-8c2v-jpxh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55979?format=json","vulnerability_id":"VCID-vu36-a1g1-nugt","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32354","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132","reference_id":"CVE-2024-45132","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132"},{"reference_url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm","reference_id":"GHSA-5f64-ppmg-cvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45132","GHSA-5f64-ppmg-cvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55996?format=json","vulnerability_id":"VCID-vx13-4b1d-wbgp","summary":"Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2257","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120","reference_id":"CVE-2024-45120","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120"},{"reference_url":"https://github.com/advisories/GHSA-47jp-46c9-25vf","reference_id":"GHSA-47jp-46c9-25vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47jp-46c9-25vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45120","GHSA-47jp-46c9-25vf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55990?format=json","vulnerability_id":"VCID-wvyx-2bbb-9yf7","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133","reference_id":"CVE-2024-45133","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133"},{"reference_url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg","reference_id":"GHSA-j3mh-wx5f-2vhg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45133","GHSA-j3mh-wx5f-2vhg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55981?format=json","vulnerability_id":"VCID-xk5y-7a1w-zba9","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119","reference_id":"CVE-2024-45119","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119"},{"reference_url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj","reference_id":"GHSA-g9fm-wc6h-pvgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45119","GHSA-g9fm-wc6h-pvgj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55987?format=json","vulnerability_id":"VCID-y1v3-9tyq-uqhd","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30677","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134","reference_id":"CVE-2024-45134","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134"},{"reference_url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g","reference_id":"GHSA-4f89-5cwm-rm5g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45134","GHSA-4f89-5cwm-rm5g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55983?format=json","vulnerability_id":"VCID-z2v2-n138-6ydv","summary":"Magento Open Source stored Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127","reference_id":"","reference_type":"","scores":[{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127","reference_id":"CVE-2024-45127","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127"},{"reference_url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2","reference_id":"GHSA-c89g-gq5r-2xw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45127","GHSA-c89g-gq5r-2xw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55995?format=json","vulnerability_id":"VCID-zdpz-8tc2-6kah","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13975","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128","reference_id":"CVE-2024-45128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128"},{"reference_url":"https://github.com/advisories/GHSA-qpp7-742q-58j3","reference_id":"GHSA-qpp7-742q-58j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpp7-742q-58j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45128","GHSA-qpp7-742q-58j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"}