VDB
GCVE-VVD-NCSC-2024-255
GCVE-VVD-NCSC-2024-255
Advisory PublishedCVSS 9.8/10
Adobe heeft kwetsbaarheden verholpen in Commerce en Magento.
Weaknesses (CWE)
CWE-611Improper Restriction of XML External Entity ReferenceCWE-287Improper AuthenticationCWE-285Improper AuthorizationCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-284Improper Access ControlCWE-20Improper Input ValidationCWE-434Unrestricted Upload of File with Dangerous TypeCWE-918Server-Side Request Forgery (SSRF)
Risk Scores
CVSS 3.1
9.8/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| adobe | adobe_commerce | — | — |
| adobe | magento_open_source | — | — |
| adobe | adobe_commerce_webhooks_plugin | — | — |
Aliases
CVE-2024-34109CVE-2024-34110CVE-2024-34107CVE-2024-34104CVE-2024-34111CVE-2024-34106CVE-2024-34108CVE-2024-34103CVE-2024-34102CVE-2024-34105
Transitive aliases
VVD-ANCHORE-2024-34106BDU:2024-04655CNVD-2024-28954GHSA-h44r-7f3w-cmm3BIT-magento-2024-34109GHSA-p6h9-gx5g-wg64VVD-ANCHORE-2024-34105VVD-CISA-2024-34108CNVD-2024-28952VVD-CISA-2024-34103CNVD-2024-28956BIT-magento-2024-34102GHSA-x9g5-mhfw-m5p8VVD-ANCHORE-2024-34109VVD-CISA-2024-34109BIT-magento-2024-34103VVD-CISA-2024-34106GHSA-5632-wq7m-gfq9BDU:2024-04664CNVD-2024-28958CNVD-2024-28961BDU:2024-04653BIT-magento-2024-34105EUVD-2024-34631EUVD-2024-2198EUVD-2024-1925CNVD-2024-28959EUVD-2024-2094VVD-ANCHORE-2024-34103EUVD-2024-34633EUVD-2024-2102CNVD-2024-28955BIT-magento-2024-34110VVD-ANCHORE-2024-34104BIT-magento-2024-34111BIT-magento-2024-34104GHSA-r7cm-g469-wm4gVVD-ANCHORE-2024-34107VVD-CISA-2024-34105VVD-CISA-2024-34111VVD-CISA-2024-34110BIT-magento-2024-34106BIT-magento-2024-34107BDU:2024-04621VVD-CISA-2024-34107EUVD-2024-2037BDU:2024-04662EUVD-2024-2118BDU:2024-04647BDU:2024-04989VVD-ANCHORE-2024-34110GHSA-m8cj-3v68-3cxjVVD-ANCHORE-2024-34108EUVD-2024-34632CNVD-2024-28957BIT-magento-2024-34108BDU:2024-04663VVD-ANCHORE-2024-34111GHSA-f7q4-9gwv-6774GHSA-x6mf-qhjj-pcj9VVD-ANCHORE-2024-34102VVD-CISA-2024-34102EUVD-2024-2155GHSA-wwj3-573j-rvvmBDU:2024-04665GHSA-jmqp-r3gg-6jh3BDU:2024-04654CNVD-2024-28960VVD-CISA-2024-34104
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.