Lucene search
K

11 matches found

Snyk
Snyk
added 2026/05/12 9:20 p.m.7 views

Server-side Request Forgery (SSRF)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the request process. An attacker can gain unauthorized read access to internal resources by tricking a user into visiting a maliciously...

7.4CVSS5.8AI score0.00471EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.11 views

Denial of Service (DoS)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of system resources. An attacker can cause the application to become unresponsive by sending specially crafted requests that...

8.7CVSS5.8AI score0.00675EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.13 views

Out-of-bounds Read

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Out-of-bounds Read in the input validation process. An attacker can gain unauthorized write access by tricking a user with high privileges into visiting a maliciously craft...

5.1CVSS5.8AI score0.00373EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.14 views

Dependency on Vulnerable Third-Party Component

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component through the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...

8.7CVSS5.8AI score0.00508EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 4:39 a.m.3 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...

6.9CVSS5.8AI score0.00295EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 4:37 a.m.2 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization that enables a bypass of security features. Remediation Upgrade magento/community-edition to version 2.4.6-p14, 2.4.7-p9, 2.4.8-p4, 2.4.9-beta1 or...

5.3CVSS5.8AI score0.0035EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/14 4:52 p.m.7 views

HTTP Response Splitting

Overview blacksheep is a Fast web framework for Python asyncio Affected versions of this package are vulnerable to HTTP Response Splitting via the Client implementation. An attacker can manipulate HTTP requests or inject additional headers by supplying specially input containing carriage return a...

6.9CVSS6.8AI score0.00307EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/01/14 4:52 p.m.9 views

BlackSheep's ClientSession is vulnerable to CRLF injection

Impact The HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new header or even create a new HTTP request. Exploitation requires developers to pass unsanitized user input...

6.3CVSS6.7AI score0.00307EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/01/14 4:52 p.m.2 views

GHSA-6PW3-H7XF-X4GP BlackSheep's ClientSession is vulnerable to CRLF injection

Impact The HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new header or even create a new HTTP request. Exploitation requires developers to pass unsanitized user input...

6.3CVSS6.6AI score0.00307EPSS
Exploits0References5
Snyk
Snyk
added 2024/10/10 12:31 p.m.4 views

Improper Input Validation

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Input Validation through the PHP filter chain. An attacker with administrative privileges can read files from the system outside of the intended directories and...

7.6CVSS6.9AI score0.00852EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/18 12:0 a.m.3 views

PT-2022-23122 · Unknown · Hyperledger Fabric

Name of the Vulnerable Software and Affected Versions: Hyperledger Fabric versions prior to 2.4.6 Description: Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request t...

7CVSS7.1AI score0.00912EPSS
Exploits0References14
Rows per page
Query Builder