Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

magento/community-edition

packagist

Magento 2 (Open Source)

View on github.com · View on packagist.org

Security Advisories for magento/community-edition in packagist

High
over 1 year ago

Magento Open Source allows Improper Input Validation GSA_kwCzR0hTQS13aDRtLTZyaDMtcDRycc4AA63V

packagist magento/project-community-edition, magento/community-edition
High
almost 2 years ago

Magento Open Source allows OS Command Injection GSA_kwCzR0hTQS01MjVmLXB2ajUtdnFtcc4AA5Uh

packagist magento/project-community-edition, magento/community-edition
High
almost 2 years ago

Magento Open Source allows Cross-Site Scripting (XSS) GSA_kwCzR0hTQS0yNjRnLWY3djgtcTVxcc4AA5Ue

packagist magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago

Magento Open Source allows Cross-Site Request Forgery (CSRF) GSA_kwCzR0hTQS1ocWdqLTQzOTYtaG14ds4AA5UR

packagist magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago

Magento Open Source allows Uncontrolled Resource Consumption GSA_kwCzR0hTQS1jOWg5LWg1Z2YtODg1cs4AA5UQ

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows SQL Injection GSA_kwCzR0hTQS1ycTM2LTlmNWYtMmd3N84AA2bl

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows SQL Injection GSA_kwCzR0hTQS1oM2c5LWN3cjYtaHBoeM4AA2bk

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows Uncontrolled Resource Consumption GSA_kwCzR0hTQS03cGZjLTgzNHEtaDQ5N84AA2bm

packagist magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows Improper Authorization GSA_kwCzR0hTQS1ncmM2LXI2ZjgteGo3Y84AA2bh

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows Server-Side Request Forgery (SSRF) GSA_kwCzR0hTQS04anhjLTVmOTQtMjJ2aM4AA2bf

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS1ycGM3LWdmNTgtdjN4Ms4AA2bj

packagist magento/project-community-edition, magento/community-edition
Low
about 2 years ago

Magento Open Source allows Cross-Site Scripting (XSS) GSA_kwCzR0hTQS0zajd3LWpwNDYtOTc1Ms4AA2bi

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source has Improper Input Validation Vulnerability GSA_kwCzR0hTQS05bXg2LTRnZzQtODV4as4AA2bg

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source allows SQL Injection GSA_kwCzR0hTQS1nZ3I4LTNod3gtNGYybc4AA2be

packagist magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago

Magento Open Source affected by Improper Input Validation GSA_kwCzR0hTQS01eG1wLTd3ZzUteDY4cc4AA17M

packagist magento/project-community-edition, magento/community-edition
Critical
about 2 years ago

Magento XML Injection vulnerability in the Widgets Update Layout GSA_kwCzR0hTQS04Y2pnLWY1M20tOG05cc4AA1vH

packagist magento/community-edition, magento/project-community-edition
Critical
about 2 years ago

Magento improper access control vulnerability within Magento's Media Gallery Upload workflow GSA_kwCzR0hTQS13cXI2LXd2NmMtcDhmeM4AA1u9

packagist magento/community-edition, magento/project-community-edition
Critical
about 2 years ago

Magento affected by remote code execution vulnerability in the CMS page scheduled update feature GSA_kwCzR0hTQS00ZzI3LXEydzktbThtOM4AA1u6

packagist magento/community-edition, magento/project-community-edition
High
over 2 years ago

Magento Open Source allows Improper Neutralization of Special Elements Used GSA_kwCzR0hTQS1teGM5LWc2bTQtMnYzNc4AA1K5

packagist magento/project-community-edition, magento/community-edition
Low
over 2 years ago

Magento Open Source allows XML Injection GSA_kwCzR0hTQS1ycHYyLWc0cGMtd3A3Ms4AA1K6

packagist magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS0zdmcyLXY2MzktNmNoOc4AA1K9

packagist magento/project-community-edition, magento/community-edition
Low
over 2 years ago

Magento Open Source allows Cross-Site Scripting (XSS) GSA_kwCzR0hTQS1meGNyLWd2Y3ctaG1xbc4AA0U7

packagist magento/community-edition
Low
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS0zNTRoLWZwbXEtNjh2N84AAz4Z

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS1xdzVtLXZtcDMtZjU1M84AAz4v

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows XML Injection GSA_kwCzR0hTQS13aDQyLThyMnctODczeM4AAz4V

packagist magento/project-community-edition, magento/community-edition
Low
over 2 years ago

Magento Open Source affected by Improper Input Validation GSA_kwCzR0hTQS02NmM5LXhyd2otOXh2Ns4AAz4t

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Server-Side Request Forgery (SSRF) GSA_kwCzR0hTQS00NTg4LTd4NDgtanJnas4AAz41

packagist magento/project-community-edition, magento/community-edition
Low
over 2 years ago

Magento Open Source has Business Logic Errors Vulnerability GSA_kwCzR0hTQS0yOHZwLTM5cmYtM3Eyas4AAz4q

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS1mOTg5LTNmcDktcTNyMs4AAz4U

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Server-Side Request Forgery (SSRF) GSA_kwCzR0hTQS01Zjc5LXZocjQtdncycs4AAz44

packagist magento/project-community-edition, magento/community-edition
High
over 2 years ago

Magento Open Source allows Improper Neutralization of Special Elements Used GSA_kwCzR0hTQS1nZm1tLXd3NmYtNW1tNc4AAz49

packagist magento/project-community-edition, magento/community-edition
Low
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS0zcXI0LXc5NmYtNjcyds4AAz4W

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source affected by Improper Input Validation GSA_kwCzR0hTQS01amZnLXBoeDctN2Z4Z84AAz4n

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Information Exposure GSA_kwCzR0hTQS04NW00LWc5dnEteHB4as4AAz4m

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Incorrect Authorization GSA_kwCzR0hTQS0yd203LW1tZ2MtcXhyM84AAyWc

packagist magento/project-community-edition, magento/community-edition
High
over 2 years ago

Magento Open Source allows XML Injection GSA_kwCzR0hTQS0yNDQ0LThnajgtNmZteM4AAyWb

packagist magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago

Magento Open Source allows Improper Access Control GSA_kwCzR0hTQS00aDdwLTR2cTgtZzJnaM4AAyWV

packagist magento/community-edition
High
about 3 years ago

Magento Improper input validation vulnerability GSA_kwCzR0hTQS0yOTdmLXI5dzctdzQ5Ms4AAve8

packagist magento/community-edition
High
about 3 years ago

Magento Open Source allows Stored Cross-Site Scripting (Stored XSS) GSA_kwCzR0hTQS00dmoyLTQyNnItam0zZ84AAvWU

packagist magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago

Magento Open Source allows Improper Access Control GSA_kwCzR0hTQS01Znh4LWp3am0teDloas4AAvWb

packagist magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago

Magento Open Source has Improper Access Control vulnerability GSA_kwCzR0hTQS1nbTRtLTlybTgtN3J4as4AAuWg

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento Path Traversal vulnerability GSA_kwCzR0hTQS1meDlnLWc5cTYteDNqeM4AAuCO

packagist magento/community-edition
Moderate
over 3 years ago

Magento stored Cross-Site Scripting (XSS) vulnerability GSA_kwCzR0hTQS1yZzdwLXdtZ2otZjM3NM4AAuCM

packagist magento/community-edition
High
over 3 years ago

Magento Improper Access Control vulnerability GSA_kwCzR0hTQS14OTV4LWY0ZzktbW04Nc4AAuDM

packagist magento/community-edition
Moderate
over 3 years ago

Magento Improper Access Control vulnerability GSA_kwCzR0hTQS05d2pmLTk0aDMtcjRyaM4AAuCN

packagist magento/community-edition
High
over 3 years ago

Magento Improper Authorization vulnerability GSA_kwCzR0hTQS1yN21tLWdyZjMtNWZqds4AAuDW

packagist magento/community-edition
Moderate
over 3 years ago

Magento stored Cross-Site Scripting (XSS) vulnerability GSA_kwCzR0hTQS01bTU1LWc4cHYteDh3d84AAuDG

packagist magento/community-edition
Critical
over 3 years ago

Magento XML Injection vulnerability in the Widgets Module GSA_kwCzR0hTQS1jajd3LXBtNzctaHZnNs4AAuCK

packagist magento/community-edition
Moderate
over 3 years ago

Magento stored cross-site scripting vulnerability GSA_kwCzR0hTQS14MnYyLTJqaHAtYzVods4AArLJ

packagist magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago

Magento stored cross-site scripting vulnerability in the customer address upload feature GSA_kwCzR0hTQS04Z2ZxLW00Y2Ytdzk3Nc4AArFi

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento remote code execution vulnerability GSA_kwCzR0hTQS00djJxLWhqeDMtYzR2cs4AAq98

packagist magento/community-edition
Critical
over 3 years ago

Magento Broken authentication and session managememt GSA_kwCzR0hTQS04bXd4LXdwcDQtNXhoNM4AAq-O

packagist magento/community-edition
Critical
over 3 years ago

Magento 2 Community Edition SQLi Vulnerability GSA_kwCzR0hTQS00ajZ3LTlyZjgtaGc3cs4AAq5P

packagist magento/community-edition
Moderate
over 3 years ago

Magento Open Source allows Cross-Site Request Forgery (CSRF) GSA_kwCzR0hTQS05NHdxLTg3ZzYtOGg3N84AAqUH

packagist magento/project-community-edition, magento/community-edition
Low
over 3 years ago

Magento Information Disclosure vulnerability GSA_kwCzR0hTQS13OTQyLWZ3OTItbXFtMs4AApza

packagist magento/community-edition
Moderate
over 3 years ago

Magento Improper Authorization vulnerability in the customers module GSA_kwCzR0hTQS1jYzN3LXIzdzgtaGZoN84AApzl

packagist magento/community-edition
High
over 3 years ago

Magento XML Injection vulnerability in the Widgets Update Layout GSA_kwCzR0hTQS0zeDl4LXZocWotY3YyN84AApvo

packagist magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago

Magento affected by a business logic error in the placeOrder graphql mutation GSA_kwCzR0hTQS0zZjk3LTdwZ3YtZ21ncs4AApvp

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento XML Injection vulnerability in the 'City' field GSA_kwCzR0hTQS14dnB4LTZoaDgtN2g3Ms4AApvg

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento improper authorization vulnerability GSA_kwCzR0hTQS1tOHd4LXdocHAtcTI4M84AApvi

packagist magento/community-edition, magento/project-community-edition
Critical
over 3 years ago

Magento is affected by an improper input validation vulnerability while saving a customer's details GSA_kwCzR0hTQS1ndmZ4LTltOXYtaDgzOc4AApvl

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento Path Traversal vulnerability via the `theme[preview_image]` parameter GSA_kwCzR0hTQS03dzk1LXF3aGgtcTlwM84AApvQ

packagist magento/community-edition, magento/project-community-edition
Critical
over 3 years ago

Magento has an XML Injection vulnerability GSA_kwCzR0hTQS01cGpqLTdmcTgtOWdwZs4AApvb

packagist magento/community-edition, magento/project-community-edition
Critical
over 3 years ago

Magento XML Injection vulnerability in the Widgets Module GSA_kwCzR0hTQS1wNzQ2LXF3NzMtcW1teM4AApvR

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento is affected by an os command injection via the Data collection endpoint GSA_kwCzR0hTQS1xbXE2LWpwdmctajU0N84AApvj

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento allows attackers to alter the price of items GSA_kwCzR0hTQS1yaGZmLTY1aHAtNTVyd84AApvT

packagist magento/community-edition, magento/project-community-edition
Critical
over 3 years ago

Magento executes code via the API File Option Upload Extension GSA_kwCzR0hTQS02Y3d2LXdqN3YtNzN4cM4AApvS

packagist magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago

Magento discloses sensitive information GSA_kwCzR0hTQS0zZzdtLWc4cW0teDZqNc4AApvd

packagist magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago

Magento discloses sensitive information via the Multishipping Module GSA_kwCzR0hTQS13Z3ByLTk2NzUtOHI2N84AApve

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento affected by remote code execution via a file upload GSA_kwCzR0hTQS1qNDZoLXFqanYtY3hmas4AApvP

packagist magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago

Magento is affected by an improper authorization vulnerability GSA_kwCzR0hTQS12cnEyLXc3cjctM2ZwMs4AApvW

packagist magento/community-edition, magento/project-community-edition
Critical
over 3 years ago

Magento has a file extension restrictions bypass GSA_kwCzR0hTQS0ycHE1LWdwcWYtZzRyM84AApvZ

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento vulnerable to file upload attack GSA_kwCzR0hTQS1teDVtLWo1eHItamc4Y84AApvX

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension GSA_kwCzR0hTQS0zNnhxLTd3OHcteHA2OM4AApvN

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento affected by a server-side denial-of-service using a GraphQL field GSA_kwCzR0hTQS13cjU3LTNoMmYtM3E5Nc4AApvO

packagist magento/community-edition, magento/project-community-edition
High
over 3 years ago

Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats GSA_kwCzR0hTQS03Z2g2LWY0amgtM2Nycc4AAo-E

packagist magento/community-edition
Moderate
over 3 years ago

Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies GSA_kwCzR0hTQS0zOWNoLXJnMjYtZ21xNc4AAo-X

packagist magento/community-edition
Moderate
over 3 years ago

Magento Unauthorized access to restricted resources GSA_kwCzR0hTQS1xOXh4LTQ2ODktZ3Z2Nc4AAo-B

packagist magento/community-edition
Moderate
over 3 years ago

Magento Improper input validation vulnerability GSA_kwCzR0hTQS1jMzhtLTk2NjgtNmoyd84AAo-D

packagist magento/community-edition
Moderate
over 3 years ago

Magento Path Traversal vulnerability GSA_kwCzR0hTQS03Z3B2LXhyanItZjVoNM4AAo-L

packagist magento/community-edition
Moderate
over 3 years ago

Magento Insufficient Session Expiration GSA_kwCzR0hTQS00aDNwLTYzeDYtdndnMs4AAnik

packagist magento/community-edition
Moderate
over 3 years ago

Magento stored cross-site scripting vulnerability in the admin console GSA_kwCzR0hTQS1oNXJtLW03NzItNnFjeM4AAnie

packagist magento/community-edition
Moderate
over 3 years ago

Magento Insecure Direct Object Reference (IDOR) in the product module GSA_kwCzR0hTQS04cGZxLWc0OHAteDd3OM4AAniY

packagist magento/community-edition
Moderate
over 3 years ago

Magento improper authorization vulnerability in the integrations module GSA_kwCzR0hTQS1jcmpjLTJ2OW0tOHc3cs4AAniu

packagist magento/community-edition
Moderate
over 3 years ago

Magento Insufficient Session Expiration GSA_kwCzR0hTQS00amZxLWY4aGMtNzc1cc4AAnia

packagist magento/community-edition
Critical
over 3 years ago

Magento Blind SQL Injection in the Search module GSA_kwCzR0hTQS1yajRmLWNwNHYtaHZjds4AAniQ

packagist magento/community-edition
Moderate
over 3 years ago

Magento Reflected Cross-site Scripting vulnerability via 'file' parameter GSA_kwCzR0hTQS1qd3hoLXdqNzktY2NtNs4AAniV

packagist magento/community-edition
Critical
over 3 years ago

Magento XML injection in the Widgets module GSA_kwCzR0hTQS1tdzk1LWdtdzQtODgzcM4AAniW

packagist magento/community-edition
High
over 3 years ago

Magento stored cross-site scripting (XSS) in the customer address upload feature GSA_kwCzR0hTQS02OTg4LWc4OW0tMjd2Zs4AAniS

packagist magento/community-edition
Moderate
over 3 years ago

Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API GSA_kwCzR0hTQS1oNHhjLTU3N3AtaGdqOc4AAniP

packagist magento/community-edition
Critical
over 3 years ago

Magento OS Command Injection GSA_kwCzR0hTQS1ydjQ4LXY4NjItbXA5Ms4AAni8

packagist magento/community-edition
Critical
over 3 years ago

Magento vulnerable to a file upload restriction bypass GSA_kwCzR0hTQS0yNjl3LXBxYzctNjhxOc4AAniK

packagist magento/community-edition
Critical
over 3 years ago

Magento XPath Injection GSA_kwCzR0hTQS1oNDM3LXFqajktdm1xNM4AAniO

packagist magento/community-edition
Moderate
over 3 years ago

Magento Improper Access Control GSA_kwCzR0hTQS0yajZ2LTgyOWctODg1cc4AAniR

packagist magento/community-edition
High
over 3 years ago

Magento OS command injection via the customer attribute save controller GSA_kwCzR0hTQS13MnA0LTJjOGMtMmc3aM4AAniA

packagist magento/community-edition
Critical
over 3 years ago

Magento OS command injection via the WebAPI GSA_kwCzR0hTQS03OTJmLWM4bXAtMmNyNc4AAnh_

packagist magento/community-edition
Low
over 3 years ago

Magento information disclosure vulnerability GSA_kwCzR0hTQS1tcjhxLTdmNWotd2M3Oc4AAmnC

packagist magento/community-edition
Moderate
over 3 years ago

Magento incorrect permissions vulnerability in the Inventory module GSA_kwCzR0hTQS1wN203LWo4anYtMzkzcc4AAmmO

packagist magento/community-edition
Critical
over 3 years ago

Magento 2 Community Edition RCE via Unsafe File Upload GSA_kwCzR0hTQS03cHhnLTZwODctOGM5ds4AAmmL

packagist magento/community-edition
Low
over 3 years ago

Magento incorrect user permissions vulnerability within the Inventory component GSA_kwCzR0hTQS0zOXJ3LTRtNjYtODJnZs4AAmmH

packagist magento/community-edition

Filter by Severity

Moderate 192 High 102 Critical 47 Low 17