Magento Security Vulnerabilities and Issues — Magento CVE List

Lucene search

AdobeMagento

6 matches found

CVE•added 2020/07/29 1:15 p.m.•62 views

CVE-2020-9689

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.

8.5CVSS6.9AI score0.00303EPSS

CVE•added 2020/07/29 1:15 p.m.•62 views

CVE-2020-9690

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.

4.2CVSS5.4AI score0.00346EPSS

CVE•added 2020/07/22 8:15 p.m.•54 views

CVE-2020-9664

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8CVSS9.7AI score0.09652EPSS

CVE•added 2020/07/29 1:15 p.m.•53 views

CVE-2020-9691

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.

9.6CVSS8.8AI score0.00631EPSS

CVE•added 2020/07/29 1:15 p.m.•48 views

CVE-2020-9692

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

8.5CVSS6.9AI score0.00168EPSS

CVE•added 2020/07/22 8:15 p.m.•39 views

CVE-2020-9665

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

6.1CVSS5.7AI score0.00575EPSS