Lucene search
K

4 matches found

OSV
OSV
added 2025/04/08 9:15 p.m.4 views

CVE-2025-27189

Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by a Cross-Site Request Forgery CSRF vulnerability that could be exploited to cause a denial-of-service condition. An attacker could trick a logged-in user into submitting a forged request to th...

4.3CVSS5.8AI score0.00936EPSS
Exploits0References1
Snyk
Snyk
added 2025/02/11 6:31 p.m.2 views

Access Control Bypass

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Access Control Bypass that could allow a privileged attacker to escalate privileges. Remediation Upgrade magento/community-edition to version 2.4.4-p12, 2.4.5-p11, 2.4.6-p9...

5.4CVSS6.9AI score0.00415EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.4 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization enabling the bypass of a security feature. Remediation Upgrade magento/community-edition to version 2.4.4-p12, 2.4.5-p11, 2.4.6-p9, 2.4.7-p4,...

5.1CVSS6.9AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.1 views

Improper Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization enabling bypass of a security feature. Remediation Upgrade magento/community-edition to version 2.4.4-p12, 2.4.5-p11, 2.4.6-p9, 2.4.7-p4, 2.4.8-beta2...

8.2CVSS6.9AI score0.00627EPSS
Exploits0References2
Rows per page
Query Builder