magento/core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2020-9664Criticalmagento/core: Magento php object injection vulnerabilityCVE-2020-9665Mediummagento/core: Magento stored cross-site scripting vulnerabilityCVE-2020-9630Criticalmagento/community-edition: Magento business logic error vulnerabilityCVE-2020-9632Criticalmagento/community-edition: Magento security mitigation bypass vulnerabilityCVE-2020-9631Criticalmagento/community-edition: Magento security mitigation bypass vulnerabilityCVE-2020-9591Highmagento/community-edition: Magento defense-in-depth security mitigation vulnerabilityCVE-2020-9588Highmagento/community-edition: Magento Signature verification bypassCVE-2020-9585Criticalmagento/community-edition: Magento Defense-in-depth security mitigation vulnerabilityCVE-2020-9587Highmagento/community-edition: Magento authorization bypass vulnerabilityCVE-2020-9583Criticalmagento/community-edition: Magento command injection vulnerabilityCVE-2020-9582Criticalmagento/community-edition: Magento command injection vulnerabilityCVE-2020-9584Mediummagento/community-edition: Magento Stored cross-site scriptingCVE-2020-9580Criticalmagento/community-edition: Magento Security mitigation bypass vulnerabilityCVE-2020-9579Criticalmagento/community-edition: Magento Security mitigation bypass vulnerabilityCVE-2020-9576Criticalmagento/community-edition: Magento command injection vulnerabilityCVE-2020-9577Mediummagento/core: Magento stored cross-site scripting vulnerabilityCVE-2020-9578Criticalmagento/community-edition: Magento command injection vulnerabilityCVE-2020-9581Mediummagento/community-edition: Magento stored cross-site scripting vulnerabilityCVE-2020-3715Mediummagento/community-edition: Magento stored cross-site scripting vulnerabilityCVE-2020-3719Highmagento/community-edition: Magento sql injection vulnerabilityCVE-2015-6497Highmagento/core: Magento arbitrary PHP code execution via the productData parameterCVE-2019-8231Highmagento/core: Magento Remote code execution through catalog attribute setsCVE-2019-8227Mediummagento/core: Magento XSS VulnerabilityCVE-2019-8230Highmagento/core: Magento Remote code execution through support/output path modification

Stop the waste.
Protect your environment with Kodem.