magento/core vulnerabilities

Magento Core

Latest version: 1.7.0.2-patch18

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the magento/core package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Arbitrary Code Execution
<1.9.4.3 Not available 06 Nov, 2019
  • H
Information Exposure
<1.9.4.3 Not available 06 Nov, 2019
  • H
Arbitrary Code Execution
<1.9.4.3 Not available 06 Nov, 2019
  • H
Remote Code Execution
<1.9.4.3 Not available 05 Nov, 2019
  • H
Remote Code Execution
<1.9.4.3 Not available 05 Nov, 2019
  • H
Cross Site Scripting (XSS)
<1.9.4.3 Not available 18 Oct, 2019
  • M
Remote Code Execution (RCE)
<1.9.4.3 Not available 18 Oct, 2019
  • M
Race Condition
<1.9.4.3 Not available 18 Oct, 2019
  • M
Remote Code Execution (RCE)
<1.9.4.3 Not available 18 Oct, 2019
  • H
Cross-site Scripting (XSS)
<1.9.4.3 Not available 15 Oct, 2019
  • H
Remote Code Execution (RCE)
<1.9.4.3,>=1.10.0, <1.14.4.3 Not available 15 Oct, 2019
  • M
Information Exposure
<1.9.4.2 Not available 12 Aug, 2019
  • L
Session Fixation
<1.9.4.2 Not available 12 Aug, 2019
  • H
Server-side Request Forgery (SSRF)
<1.9.4.2 Not available 12 Aug, 2019
  • H
Remote Code Execution
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
SQL Injection
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 08 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 08 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 08 Aug, 2019
  • M
Cross-site Request Forgery (CSRF)
<1.9.4.2 Not available 07 Aug, 2019
  • M
Information Exposure
<1.9.4.2 Not available 07 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 06 Aug, 2019
  • M
Cross-site Scripting (XSS)
<1.9.4.2 Not available 06 Aug, 2019
  • M
Information Disclousure
<1.9.4.1 Not available 02 Apr, 2019