Security Advisories - magento/community-edition - Packagist

magento/community-edition Security Advisories for 0.42.0-beta7 (6)

[CRITICAL] Magento 2 Community Edition RCE via Unsafe File Upload

PKSA-wd67-z9cy-8cfd CVE-2020-24407 GHSA-7pxg-6p87-8c9v

Affected version: <=2.4.0

Reported by:
GitHub
[MEDIUM] Magento 2 Community Edition Incorrect Authorization

PKSA-ds46-4wsj-k4fh CVE-2020-24401 GHSA-f2g3-3c6q-4478

Affected version: <=2.4.0

Reported by:
GitHub
[LOW] Magento 2 Community Edition vulnerable to Improper Authorization

PKSA-jj68-r2qs-83z3 CVE-2020-24404 GHSA-rwf7-652f-76mv

Affected version: =2.4.0|<2.3.6

Reported by:
GitHub
[MEDIUM] Magento 2 Community Edition XSS Vulnerability

PKSA-rs6t-7sf8-mdt8 CVE-2020-24408 GHSA-jxjc-6xmh-h7mg

Affected version: <=2.4.0

Reported by:
GitHub
[MEDIUM] Magento 2 Community Edition XSS Vulnerability

PKSA-5gp2-45jv-txts CVE-2019-8227 GHSA-j49x-jjmj-9fqj

Affected version: <1.9.4.3

Reported by:
GitHub
[HIGH] Magento 2 Community Edition RCE Vulnerability

PKSA-qvmd-xx88-c5j8 CVE-2019-8114 GHSA-crv7-r357-gw3w

Affected version: >=2.3.0,<2.3.2-p1|>=2.2.0,<2.2.10|<1.9.4.3

Reported by:
GitHub