Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-msac-ptqf-pyg1
Summary
Magento Open Source allows OS Command Injection
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
Aliases
0
alias CVE-2024-20720
1
alias GHSA-525f-pvj5-vqmq
Fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p7
purl pkg:composer/magento/community-edition@2.4.4-p7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7
1
url pkg:composer/magento/community-edition@2.4.5-p6
purl pkg:composer/magento/community-edition@2.4.5-p6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6
2
url pkg:composer/magento/community-edition@2.4.6-p4
purl pkg:composer/magento/community-edition@2.4.6-p4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4
Affected_packages
0
url pkg:composer/magento/community-edition@2.4.4-p1
purl pkg:composer/magento/community-edition@2.4.4-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1
1
url pkg:composer/magento/community-edition@2.4.4
purl pkg:composer/magento/community-edition@2.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4
2
url pkg:composer/magento/community-edition@2.4.5-p1
purl pkg:composer/magento/community-edition@2.4.5-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1
3
url pkg:composer/magento/community-edition@2.4.5
purl pkg:composer/magento/community-edition@2.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5
4
url pkg:composer/magento/community-edition@2.4.6-p1
purl pkg:composer/magento/community-edition@2.4.6-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b4jg-dj1a-9qd5
1
vulnerability VCID-cgwk-hn4t-n7c1
2
vulnerability VCID-j124-q39m-mkby
3
vulnerability VCID-j5vp-2jrx-ukf4
4
vulnerability VCID-jhd5-tqph-3ufu
5
vulnerability VCID-kxnm-y19k-mqg2
6
vulnerability VCID-m83v-51cy-uqar
7
vulnerability VCID-msac-ptqf-pyg1
8
vulnerability VCID-p222-28c1-vfhy
9
vulnerability VCID-qfw5-3tdu-x7g4
10
vulnerability VCID-r7nh-arcj-8fb3
11
vulnerability VCID-rbjk-3gcs-2qb5
12
vulnerability VCID-rf6p-ct86-5bgz
13
vulnerability VCID-ruru-fwmn-5kes
14
vulnerability VCID-s5e2-d6n8-kkbr
15
vulnerability VCID-w3zd-fezc-nuhd
16
vulnerability VCID-y4r1-yr69-uuf6
17
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p1
5
url pkg:composer/magento/community-edition@2.4.6
purl pkg:composer/magento/community-edition@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7s7e-adr6-h3dc
4
vulnerability VCID-az2w-5xhy-5fe4
5
vulnerability VCID-b4jg-dj1a-9qd5
6
vulnerability VCID-cafy-5dd8-rudj
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-dj5a-35gt-u7dn
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-j124-q39m-mkby
12
vulnerability VCID-j5vp-2jrx-ukf4
13
vulnerability VCID-jhd5-tqph-3ufu
14
vulnerability VCID-kxnm-y19k-mqg2
15
vulnerability VCID-m83v-51cy-uqar
16
vulnerability VCID-msac-ptqf-pyg1
17
vulnerability VCID-mtr5-suag-2bdj
18
vulnerability VCID-p222-28c1-vfhy
19
vulnerability VCID-qfw5-3tdu-x7g4
20
vulnerability VCID-qrwc-3gsb-zkfy
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-th7y-aj51-mbaj
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-yyq6-dvyx-3bb9
34
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6
6
url pkg:composer/magento/project-community-edition@2.0.2
purl pkg:composer/magento/project-community-edition@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-36ve-7wxt-z7fz
2
vulnerability VCID-3et4-3zad-1qfn
3
vulnerability VCID-525q-afzj-tkcp
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-b5hn-f1qk-z7cu
8
vulnerability VCID-cafy-5dd8-rudj
9
vulnerability VCID-cgwk-hn4t-n7c1
10
vulnerability VCID-d2ab-j8bf-e7dx
11
vulnerability VCID-dj5a-35gt-u7dn
12
vulnerability VCID-dx43-89w9-a7dg
13
vulnerability VCID-fzam-yuyg-qyd5
14
vulnerability VCID-hh8a-mgkk-3yb5
15
vulnerability VCID-j124-q39m-mkby
16
vulnerability VCID-j5vp-2jrx-ukf4
17
vulnerability VCID-jhd5-tqph-3ufu
18
vulnerability VCID-kxnm-y19k-mqg2
19
vulnerability VCID-m83v-51cy-uqar
20
vulnerability VCID-msac-ptqf-pyg1
21
vulnerability VCID-mtr5-suag-2bdj
22
vulnerability VCID-nn21-hf8r-ykfd
23
vulnerability VCID-p222-28c1-vfhy
24
vulnerability VCID-qfw5-3tdu-x7g4
25
vulnerability VCID-qrwc-3gsb-zkfy
26
vulnerability VCID-r7nh-arcj-8fb3
27
vulnerability VCID-rbjk-3gcs-2qb5
28
vulnerability VCID-rf6p-ct86-5bgz
29
vulnerability VCID-ruru-fwmn-5kes
30
vulnerability VCID-s5e2-d6n8-kkbr
31
vulnerability VCID-th7y-aj51-mbaj
32
vulnerability VCID-upcj-z3c1-ubcf
33
vulnerability VCID-w3zd-fezc-nuhd
34
vulnerability VCID-wjfe-wh5k-1qft
35
vulnerability VCID-ws6y-k3tx-r3gb
36
vulnerability VCID-x46d-a16g-nkg9
37
vulnerability VCID-y4r1-yr69-uuf6
38
vulnerability VCID-y93w-2qcc-wqg8
39
vulnerability VCID-yuvf-e7hk-kqf9
40
vulnerability VCID-yyq6-dvyx-3bb9
41
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/project-community-edition@2.0.2
References
0
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
url https://github.com/magento/magento2
1
reference_url https://helpx.adobe.com/security/products/magento/apsb24-03.html
reference_id
reference_type
scores
url https://helpx.adobe.com/security/products/magento/apsb24-03.html
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-20720
reference_id CVE-2024-20720
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-20720
3
reference_url https://github.com/advisories/GHSA-525f-pvj5-vqmq
reference_id GHSA-525f-pvj5-vqmq
reference_type
scores
url https://github.com/advisories/GHSA-525f-pvj5-vqmq
Weaknesses
0
cwe_id 78
name Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-msac-ptqf-pyg1