magento/core Security Advisories (24)
-
[MEDIUM] Magento stored cross-site scripting vulnerability
PKSA-zk96-6nr8-xct8 CVE-2020-9665 GHSA-xc4p-j89c-p7x5
Affected version: <=1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento php object injection vulnerability
PKSA-ysmy-1kc5-5h9g CVE-2020-9664 GHSA-337c-3rch-q35j
Affected version: <=1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento security mitigation bypass vulnerability
PKSA-bg65-6q2g-bqzr CVE-2020-9632 GHSA-6w29-x5j4-qhrw
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento business logic error vulnerability
PKSA-9b6x-kzr5-g8mn CVE-2020-9630 GHSA-5j4w-v87m-8r65
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento security mitigation bypass vulnerability
PKSA-j7d1-2ydn-38zk CVE-2020-9631 GHSA-gffx-9f36-r8wp
Affected version: <1.9.4.5
Reported by:
GitHub -
[HIGH] Magento defense-in-depth security mitigation vulnerability
PKSA-59m3-q63v-yj92 CVE-2020-9591 GHSA-w7rh-9w5v-rwqj
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento command injection vulnerability
PKSA-jgcq-d9js-4q1n CVE-2020-9582 GHSA-c3m4-hxv9-4mxj
Affected version: <1.9.4.5
Reported by:
GitHub -
[HIGH] Magento Signature verification bypass
PKSA-pmm2-vdhv-zyh5 CVE-2020-9588 GHSA-j2r4-2cr6-h3r3
Affected version: <1.9.4.5
Reported by:
GitHub -
[HIGH] Magento authorization bypass vulnerability
PKSA-sfrm-fgjz-cw95 CVE-2020-9587 GHSA-8wm7-h2qh-ff4c
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento Defense-in-depth security mitigation vulnerability
PKSA-m4mk-hvdq-74xh CVE-2020-9585 GHSA-55gv-hfg3-hwjq
Affected version: <1.9.4.5
Reported by:
GitHub -
[MEDIUM] Magento Stored cross-site scripting
PKSA-4vvf-kxm4-82ft CVE-2020-9584 GHSA-45h4-6gcj-6hwv
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento command injection vulnerability
PKSA-jxbk-vmb7-rd1n CVE-2020-9583 GHSA-c55h-7q4j-g6rq
Affected version: <1.9.4.5
Reported by:
GitHub -
[MEDIUM] Magento stored cross-site scripting vulnerability
PKSA-r6d8-sxrf-bzy5 CVE-2020-9581 GHSA-2w2x-7qgj-4x78
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento Security mitigation bypass vulnerability
PKSA-mt4b-fr7j-7x82 CVE-2020-9580 GHSA-j2jp-58gv-g2pg
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento Security mitigation bypass vulnerability
PKSA-cxsd-6kjs-gn4k CVE-2020-9579 GHSA-vrp3-wc28-qg2h
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento command injection vulnerability
PKSA-kht3-j6d7-21qr CVE-2020-9578 GHSA-724x-gqhv-9c5x
Affected version: <1.9.4.5
Reported by:
GitHub -
[MEDIUM] Magento stored cross-site scripting vulnerability
PKSA-xy78-cftc-v7pb CVE-2020-9577 GHSA-689w-2f93-2x67
Affected version: <1.9.4.5
Reported by:
GitHub -
[CRITICAL] Magento command injection vulnerability
PKSA-6q14-5wwg-cwpq CVE-2020-9576 GHSA-4f7x-gjqc-qqpg
Affected version: <1.9.4.5
Reported by:
GitHub -
[HIGH] Magento sql injection vulnerability
PKSA-9s5c-1fbr-kzsg CVE-2020-3719 GHSA-rr59-pjwj-6grj
Affected version: <1.9.4.4
Reported by:
GitHub -
[MEDIUM] Magento stored cross-site scripting vulnerability
PKSA-hbys-7vhq-bfzf CVE-2020-3715 GHSA-mgg3-v948-2vgr
Affected version: <1.9.4.4
Reported by:
GitHub -
[HIGH] Magento arbitrary PHP code execution via the productData parameter
PKSA-t9w9-ghks-gx3y CVE-2015-6497 GHSA-j4fq-3fm7-wh5v
Affected version: <1.9.2.1
Reported by:
GitHub -
[HIGH] Magento Remote code execution through catalog attribute sets
PKSA-2p5c-8rvz-2qss CVE-2019-8231 GHSA-qpc8-m2xm-9w75
Affected version: <1.9.4.3
Reported by:
GitHub -
[HIGH] Magento Remote code execution through support/output path modification
PKSA-7cfh-bkqx-kr7t CVE-2019-8230 GHSA-qp43-2vhf-cj8g
Affected version: <1.9.4.3
Reported by:
GitHub -
[MEDIUM] Magento XSS Vulnerability
PKSA-8c47-bxf7-d4bh CVE-2019-8227 GHSA-j49x-jjmj-9fqj
Affected version: <1.9.4.3
Reported by:
GitHub