Magento Security Vulnerabilities and Issues — Magento CVE List

Lucene search

AdobeMagento

6 matches found

CVE•added 2020/01/29 7:15 p.m.•105 views

CVE-2020-3719

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

7.8CVSS7.2AI score0.01514EPSS

CVE•added 2020/01/29 7:15 p.m.•89 views

CVE-2020-3716

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.5AI score0.17339EPSS

CVE•added 2020/01/29 7:15 p.m.•74 views

CVE-2020-3715

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.6AI score0.0027EPSS

CVE•added 2020/01/29 7:15 p.m.•70 views

CVE-2020-3718

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.5AI score0.08697EPSS

CVE•added 2020/01/29 7:15 p.m.•69 views

CVE-2020-3758

6.1CVSS5.6AI score0.00282EPSS

CVE•added 2020/01/29 7:15 p.m.•65 views

CVE-2020-3717

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information disclosure.

5.3CVSS5AI score0.00276EPSS