magento/project-community-edition vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-28583Highmagento/community-edition: Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formatsCVE-2021-28584Mediummagento/community-edition: Magento Path Traversal vulnerabilityCVE-2021-28585Mediummagento/community-edition: Magento Improper input validation vulnerabilityCVE-2021-21031Mediummagento/community-edition: Magento Insufficient Session ExpirationCVE-2021-21026Mediummagento/community-edition: Magento improper authorization vulnerability in the integrations moduleCVE-2021-21023Mediummagento/community-edition: Magento stored cross-site scripting vulnerability in the admin consoleCVE-2021-21032Mediummagento/community-edition: Magento Insufficient Session ExpirationCVE-2021-21022Mediummagento/community-edition: Magento Insecure Direct Object Reference (IDOR) in the product moduleCVE-2021-21030Highmagento/community-edition: Magento stored cross-site scripting (XSS) in the customer address upload featureCVE-2021-21027Mediummagento/community-edition: Magento cross-site request forgery (CSRF) vulnerability via the GraphQL APICVE-2021-21020Mediummagento/community-edition: Magento Improper Access ControlCVE-2021-21025Criticalmagento/community-edition: Magento XPath InjectionCVE-2021-21014Criticalmagento/community-edition: Magento vulnerable to a file upload restriction bypassCVE-2021-21016Criticalmagento/community-edition: Magento OS command injection via the WebAPICVE-2020-24407Criticalmagento/community-edition: Magento 2 Community Edition RCE via Unsafe File UploadCVE-2020-24402Mediummagento/community-edition: Magento incorrect permissions vulnerability in the Integrations componentCVE-2020-24403Lowmagento/community-edition: Magento incorrect user permissions vulnerability within the Inventory componentCVE-2020-24401Mediummagento/community-edition: Magento 2 Community Edition Incorrect AuthorizationCVE-2020-9691Criticalmagento/community-edition: Magento DOM-based Cross-site scripting vulnerabilityCVE-2020-9689Mediummagento/community-edition: Magento path traversal vulnerabilityCVE-2020-9630Criticalmagento/community-edition: Magento business logic error vulnerabilityCVE-2020-9632Criticalmagento/community-edition: Magento security mitigation bypass vulnerabilityCVE-2020-9631Criticalmagento/community-edition: Magento security mitigation bypass vulnerabilityCVE-2020-9588Highmagento/community-edition: Magento Signature verification bypassCVE-2020-9585Criticalmagento/community-edition: Magento Defense-in-depth security mitigation vulnerability

Stop the waste.
Protect your environment with Kodem.