magento/community-edition vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-PRPF-CJ87-HWVRCriticalmagento/community-edition: Magento Patch SUPEE-10752 - Multiple security enhancements vulnerabilitiesCVE-2024-20758Highmagento/community-edition: Magento Open Source allows Improper Input ValidationCVE-2024-20759Mediummagento/community-edition: Magento Open Source allows Cross-Site Scripting (XSS)CVE-2024-20720Highmagento/community-edition: Magento Open Source allows OS Command InjectionCVE-2024-20719Highmagento/community-edition: Magento Open Source allows Cross-Site Scripting (XSS)CVE-2024-20718Mediummagento/community-edition: Magento Open Source allows Cross-Site Request Forgery (CSRF)CVE-2024-20716Mediummagento/community-edition: Magento Open Source allows Uncontrolled Resource ConsumptionCVE-2023-38251Mediummagento/community-edition: Magento Open Source allows Uncontrolled Resource ConsumptionCVE-2023-38249Mediummagento/community-edition: Magento Open Source allows SQL InjectionCVE-2023-38250Mediummagento/community-edition: Magento Open Source allows SQL Injection CVE-2023-38218Mediummagento/community-edition: Magento Open Source allows Incorrect AuthorizationCVE-2023-38219Lowmagento/community-edition: Magento Open Source allows Cross-Site Scripting (XSS)CVE-2023-38220Mediummagento/community-edition: Magento Open Source allows Improper AuthorizationCVE-2023-26367Mediummagento/community-edition: Magento Open Source has Improper Input Validation VulnerabilityCVE-2023-26366Mediummagento/community-edition: Magento Open Source allows Server-Side Request Forgery (SSRF)CVE-2023-38221Mediummagento/community-edition: Magento Open Source allows SQL Injection CVE-2022-24093Mediummagento/community-edition: Magento Open Source affected by Improper Input ValidationCVE-2021-36023Criticalmagento/project-community-edition: Magento XML Injection vulnerability in the Widgets Update LayoutCVE-2021-36036Criticalmagento/project-community-edition: Magento improper access control vulnerability within Magento's Media Gallery Upload workflowCVE-2021-36021Criticalmagento/project-community-edition: Magento affected by remote code execution vulnerability in the CMS page scheduled update featureCVE-2023-38209Mediummagento/community-edition: Magento Open Source allows Incorrect Authorization CVE-2023-38207Lowmagento/community-edition: Magento Open Source allows XML InjectionCVE-2023-38208Highmagento/community-edition: Magento Open Source allows Improper Neutralization of Special Elements UsedCVE-2023-22249Lowmagento/community-edition: Magento Open Source allows Cross-Site Scripting (XSS)CVE-2023-29297Highmagento/community-edition: Magento Open Source allows Improper Neutralization of Special Elements Used

Stop the waste.
Protect your environment with Kodem.