Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Information Exposure
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Information Exposure
magento/core <1.9.4.2 Composer 12 Aug, 2019
  • L
Session Fixation
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • L
Session Fixation
magento/core <1.9.4.2 Composer 12 Aug, 2019
  • H
Security Bypass (PHP script injection)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Resource Injection
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Information Exposure
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Security Bypass (IDOR)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Inadequate Encryption Strength
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Inadequate Encryption Strength
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • L
Inadequate Encryption Strength
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Server-side Request Forgery (SSRF)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Server-side Request Forgery (SSRF)
magento/core <1.9.4.2 Composer 12 Aug, 2019
  • H
Server-side Request Forgery (SSRF)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Denial of Service (DoS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Remote Code Execution
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Remote Code Execution
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • H
Remote Code Execution
magento/core <1.9.4.2 Composer 12 Aug, 2019
  • H
Remote Code Execution
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Request Forgery (CSRF)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Request Forgery (CSRF)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Information Exposure
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/core <1.9.4.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/community-edition >=2.1.0, <2.1.18,>=2.2.0, <2.2.9,>=2.3.0, <2.3.2 Composer 12 Aug, 2019
  • M
Cross-site Scripting (XSS)
magento/core <1.9.4.2 Composer 12 Aug, 2019