Browse Security Advisories
Security Advisories for magento/community-edition for https://github.com/magento/magento2 in packagist Clear Filters
Moderate
about 1 year ago
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
packagist
magento/community-edition
High
about 1 year ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Incorrect Authorization vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento Open Source Improper Authentication vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
about 3 years ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
High
about 3 years ago
Magento Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
about 3 years ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
High
about 3 years ago
Magento Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
about 3 years ago
Magento Improper Access Control vulnerability
packagist
magento/community-edition
Critical
about 3 years ago
Magento XML Injection vulnerability in the Widgets Module
packagist
magento/community-edition
Low
about 3 years ago
Magento Information Disclosure vulnerability
packagist
magento/community-edition
Moderate
about 3 years ago
Magento Improper Authorization vulnerability in the customers module
packagist
magento/project-community-edition, magento/community-edition
High
about 3 years ago
Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Unauthorized access to restricted resources
packagist
magento/community-edition
Moderate
about 3 years ago
Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Path Traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Improper input validation vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento improper authorization vulnerability in the integrations module
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Reflected Cross-site Scripting vulnerability via 'file' parameter
packagist
magento/community-edition
Critical
about 3 years ago
Magento vulnerable to a file upload restriction bypass
packagist
magento/project-community-edition, magento/community-edition
High
about 3 years ago
Magento OS command injection via the customer attribute save controller
packagist
magento/community-edition
Critical
about 3 years ago
Magento OS command injection via the WebAPI
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento security mitigation bypass vulnerability
packagist
magento/community-edition
Moderate
about 3 years ago
Magento observable timing discrepancy vulnerability
packagist
magento/community-edition
Critical
about 3 years ago
Magento DOM-based Cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento path traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento stored cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento Security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento Security mitigation bypass vulnerability
packagist
magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
High
almost 6 years ago
Unauthenticated crypto and weak IV in Magento\Framework\Encryption
packagist
magento/project-community-edition, magento/community-edition
Filter by Severity
Filter by Ecosystem
maven
6,782
packagist
5,383
pypi
4,882
npm
4,236
go
2,878
nuget
1,702
cargo
1,076
rubygems
928
hex
37
swift
36
actions
34
pub
10
Filter by Package
moodle/moodle
418
magento/community-edition
301
typo3/cms
190
pimcore/pimcore
120
dolibarr/dolibarr
116
typo3/cms-core
111
phpmyadmin/phpmyadmin
107
microweber/microweber
103
drupal/core
103
magento/project-community-edition
101
silverstripe/framework
92
drupal/drupal
83
librenms/librenms
83
thorsten/phpmyfaq
73
symfony/symfony
69
concrete5/concrete5
67
shopware/platform
58
craftcms/cms
52
baserproject/basercms
47
shopware/core
45
mautic/core
44
nilsteampassnet/teampass
42
mantisbt/mantisbt
41
showdoc/showdoc
41
froxlor/froxlor
40
intelliants/subrion
39
snipe/snipe-it
36
zendframework/zendframework1
34
shopware/shopware
30
getgrav/grav
30
mediawiki/core
28
centreon/centreon
27
prestashop/prestashop
26
contao/core-bundle
25
getkirby/cms
24
pocketmine/pocketmine-mp
24
magento/core
24
phpoffice/phpexcel
23
laravel/framework
23
grumpydictator/firefly-iii
23
simplesamlphp/simplesamlphp
23
zendframework/zendframework
23
remdex/livehelperchat
23
tribalsystems/zenario
22
phpoffice/phpspreadsheet
21
funadmin/funadmin
20
cockpit-hq/cockpit
20
topthink/framework
19
contao/contao
18
genix/cms
18
forkcms/forkcms
18
cakephp/cakephp
17
opencart/opencart
17
symfony/security
17
yetiforce/yetiforce-crm
17
francoisjacquet/rosariosis
17
typo3/cms-backend
17
openmage/magento-lts
17
ezsystems/ezpublish-kernel
17
phpbb/phpbb
16
october/system
16
bolt/bolt
15
silverstripe/cms
15
smarty/smarty
15
symfony/security-http
15
ec-cube/ec-cube
15
pimcore/admin-ui-classic-bundle
15
phpmailer/phpmailer
14
modx/revolution
14
codeigniter4/framework
14
dompdf/dompdf
14
feehi/cms
14
elefant/cms
13
phpmyfaq/phpmyfaq
13
lavalite/cms
13
yeswiki/yeswiki
13
studio-42/elfinder
13
sylius/sylius
13
admidio/admidio
13
impresscms/impresscms
13
symfony/http-foundation
12
wwbn/avideo
12
wallabag/wallabag
12
alextselegidis/easyappointments
12
tinymce
11
tinymce/tinymce
11
ezsystems/ezplatform-kernel
11
sulu/sulu
11
pagekit/pagekit
11
leantime/leantime
11
october/october
11
yiisoft/yii2
11
feehi/feehicms
11
TinyMCE
11
nukeviet/nukeviet
11
ezsystems/ezpublish-legacy
10
ssddanbrown/bookstack
10
spatie/browsershot
10
bootstrap
9
in2code/powermail
9
statamic/cms
9
croogo/croogo
9
twbs/bootstrap
9
concrete5/core
9
billz/raspap-webgui
9
bootstrap
9
contao/core
9
pterodactyl/panel
9
in2code/femanager
9
org.webjars:bootstrap
9
twig/twig
9
kevinpapst/kimai2
9
bootstrap
9
ezsystems/ezplatform-admin-ui
9
pimcore/customer-management-framework-bundle
9
directmailteam/direct-mail
8
tecnickcom/tcpdf
8
facturascripts/facturascripts
8
october/cms
8
codiad/codiad
8
silverstripe/graphql
8
composer/composer
8
silverstripe/admin
8
flarum/core
8
gilacms/gila
8
joomla/joomla-cms
8
starcitizentools/citizen-skin
8
passbolt/passbolt_api
7
unopim/unopim
7
backdrop/backdrop
7
simplesamlphp/saml2
7
redaxo/source
7
symfony/http-kernel
7
bootstrap.sass
7
shopxo/shopxo
7
wpglobus/wpglobus
7
yiisoft/yii2-dev
7
october/backend
7
bootstrap-sass
7
nystudio107/craft-seomatic
6
zoujingli/thinkadmin
6
dweeves/magmi
6
guzzlehttp/guzzle
6
drupal/core-recommended
6
phpseclib/phpseclib
6
bootstrap-sass
6
gleez/cms
6
typo3/cms-install
6
vrana/adminer
6
oro/platform
6
icecoder/icecoder
6
adodb/adodb-php
6
api-platform/core
6
yourls/yourls
6
pear/archive_tar
6
bagisto/bagisto
6
ibexa/core
5
elgg/elgg
5
silverstripe/assets
5
kimai/kimai
5
phpservermon/phpservermon
5
mautic/core-lib
5
thinkcmf/thinkcmf
5
typo3/flow
5
woocommerce/woocommerce
5
neos/neos
5
limesurvey/limesurvey
5
gugoan/economizzer
5
juzaweb/cms
5
neos/flow
5
tcg/voyager
5
illuminate/database
5
cachethq/cachet
5
getformwork/formwork
5
phpxmlrpc/phpxmlrpc
5
anchorcms/anchor-cms
5
symfony/security-core
5
symfony/security-bundle
5
ibexa/admin-ui
5
bottelet/flarepoint
5
wp-premium/gravityforms
4
pixelfed/pixelfed
4
friendsofsymfony/user-bundle
4
bref/bref
4
codeigniter4/shield
4
evolutioncms/evolution
4
typo3/cms-frontend
4
elmsln/haxcms
4
shopware/storefront
4
processwire/processwire
4
league/commonmark
4
ckeditor/ckeditor
4
drupal/ai
4
enshrined/svg-sanitize
4
reportico-web/reportico
4
moonshine/moonshine
4
appwrite/server-ce
4
idno/known
4
dcat/laravel-admin
4
flarum/framework
4