Magento Community-Edition vulnerabilities
355 known vulnerabilities affecting magento/community-edition.
Total CVEs: 355
CISA KEV: 3 (actively exploited)
Public exploits: 4
Exploited in wild: 3
Severity breakdown: CRITICAL 41, HIGH 105, MEDIUM 192, LOW 17
Vulnerabilities
Page 11 of 18
CVE-2019-8151 | HIGH | CWE-918 | Affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p2 | 2022-05-24
Magento Server-Side Request Forgery (SSRF)
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shipment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway.
As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/htt
Sources: GHSA, OSV
CVE-2019-8150 | HIGH | Affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p2 | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert a malicious payload into the page layout.
As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/https://devdocs.magento.com/guides/v2.3/release-notes/release-note
Sources: GHSA, OSV
CVE-2021-36031 | HIGH | CWE-22 | Affected: ≥ 0, < 2.3.7-p1; ≥ 2.4.2-p1, < 2.4.2-p2 | 2022-05-24
Magento Path Traversal vulnerability via the `theme[preview_image]` parameter
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a Path Traversal vulnerability via the `theme[preview_image]` parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.
Sources: GHSA, OSV
CVE-2020-9591 | HIGH | CWE-200 | Affected: ≥ 2.3.0, < 2.3.4-p2; ≥ 0, ≤ 2.2.11 | 2022-05-24
Magento defense-in-depth security mitigation vulnerability
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to the admin panel.
Sources: GHSA, OSV
CVE-2019-7885 | HIGH | CWE-20 | Affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
Insufficient input validation in the config builder of the Elasticsearch module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This vulnerability could be abused by an authenticated user with the ability to configure the catalog search.
Sources: GHSA, OSV
CVE-2019-7930 | HIGH | CWE-434 | Affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Unrestricted File Upload
A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, resulting in potentially unauthorized removal of file upload restrictions. This can result in arbitrary code execution when a mali
Sources: GHSA, OSV
CVE-2019-8137 | HIGH | Affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p1 | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate the CMS section of the website can trigger remote code execution via a custom layout update.
Sources: GHSA, OSV
CVE-2019-8134 | HIGH | CWE-89 | Affected: ≥ 2.2, < 2.2.10; ≥ 2.3, < 2.3.2-p1 | 2022-05-24
Magento SQL injection via marketing account with access to email template variables
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables.
Sources: GHSA, OSV
CVE-2020-9587 | HIGH | CWE-863 | Affected: ≥ 0, ≤ 2.2.11; ≥ 2.3.0, < 2.3.4-p2 | 2022-05-24
Magento authorization bypass vulnerability
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts.
Sources: GHSA, OSV
CVE-2019-7942 | HIGH | CWE-94 | Affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create or edit a product can execute arbitrary code via malicious XML layout updates.
Sources: GHSA, OSV
CVE-2019-7896 | HIGH | Affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, a crafted CSV file and an XML layout update.
Sources: GHSA, OSV
CVE-2019-7892 | HIGH | CWE-918 | Affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE Vulnerability via SSRF
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access shipment settings can execute arbitrary code via server-side request forgery.
Sources: GHSA, OSV
CVE-2019-7903 | HIGH | CWE-94 | Affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can execute arbitrary code by previewing a malicious template.
Sources: GHSA, OSV
CVE-2019-7860 | HIGH | CWE-338 | Affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition Weak PRNG
A cryptographically weak pseudo-random number generator is used in multiple security-relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
Sources: GHSA, OSV
CVE-2019-8110 | HIGH | Affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p1 | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage the email template hierarchy to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code.
Sources: GHSA, OSV
CVE-2019-8122 | HIGH | Affected: ≥ 2.1.0, < 2.1.19; ≥ 2.2.0, < 2.2.10 (+1 more) | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft a custom layout update and use the import product functionality to enable remote code execution.
Sources: GHSA, OSV
CVE-2019-7950 | HIGH | CWE-639 | Affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition Access Control Bypass
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially confidential information.
Sources: GHSA, OSV
CVE-2019-8159 | HIGH | CWE-78 | Affected: ≥ 2.2, < 2.2.10; ≥ 2.3, < 2.3.2-p2 | 2022-05-24
Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with system data manipulation privileges can execute arbitrary code through arbitrary file deletion and OS command injection.
As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/https://devdocs.magento.com/guides
Sources: GHSA, OSV
CVE-2019-8093 | HIGH | CWE-434 | Affected: ≥ 2.2, < 2.2.10; ≥ 2.3, < 2.3.2-p1 | 2022-05-24
Magento Information Disclosure via File upload functionality
An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage the file upload controller for downloadable products to read or delete arbitrary files.
Sources: GHSA, OSV
CVE-2019-7849 | HIGH | CWE-384 | Affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9 (+1 more) | 2022-05-24
Magento 2 Community Edition Session Fixation Check
A defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1.x prior to 1.9.4.2, Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2.
Sources: GHSA, OSV
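The affected-version ranges in this listing only answer the practical question "is my store exposed?" if they are compared correctly, and Magento's security-patch suffix is the trap: 2.3.2-p1 is a later release than 2.3.2, whereas a generic semver comparator treats a hyphenated suffix as a pre-release that sorts before the base version and would wrongly report a patched store as vulnerable (or an unpatched one as safe). The script below is an added example, not part of this listing or of Magento's own tooling. It parses the listing's own range syntax (including the ≥ and ≤ glyphs), orders -pN suffixes after the base release, and reports which CVEs from a constructed subset of the rows above apply to a version read from a composer.lock fragment. The subset table, the constructed lock-file snippet, and the package name `magento/community-edition` (the name this page uses; pass the name your lock file actually records) are assumptions for the example.

```python
import json
import re

# Added example. AFFECTED is a constructed subset of the rows on this page;
# a real check would load the full table rather than these four entries.
AFFECTED = {
    "CVE-2019-8151": [">= 2.2.0, < 2.2.10", ">= 2.3.0, < 2.3.2-p2"],
    "CVE-2021-36031": [">= 0, < 2.3.7-p1", ">= 2.4.2-p1, < 2.4.2-p2"],
    "CVE-2020-9591": [">= 2.3.0, < 2.3.4-p2", ">= 0, <= 2.2.11"],
    # The listing shows a third range for this CVE as "+1 more"; it is not reproduced here.
    "CVE-2019-7885": [">= 2.1, < 2.1.18", ">= 2.2, < 2.2.9"],
}

_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:-p(\d+))?")
_CLAUSE_RE = re.compile(r"\s*(>=|<=|≥|≤|>|<)\s*([0-9][0-9.]*(?:-p\d+)?)\s*")

_OPS = {
    ">=": lambda a, b: a >= b, "≥": lambda a, b: a >= b,
    "<=": lambda a, b: a <= b, "≤": lambda a, b: a <= b,
    ">": lambda a, b: a > b,
    "<": lambda a, b: a < b,
}


def parse_version(text):
    """Map a Magento version string to a comparable tuple.

    Magento's security-patch suffix (2.3.2-p1, 2.3.2-p2) sorts *after* the base
    release, unlike a semver pre-release tag, so the patch number is carried as
    a final component that is 0 when there is no suffix. Short versions such as
    "2.2" are padded so that they compare equal to "2.2.0".
    """
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised Magento version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))
    return tuple(parts) + (int(m.group(2) or 0),)


def in_range(version, constraint):
    """True when `version` satisfies every comma-separated clause of a range
    written the way this listing writes them, e.g. ">= 2.3.0, < 2.3.2-p2"."""
    v = parse_version(version)
    for clause in constraint.split(","):
        m = _CLAUSE_RE.fullmatch(clause)
        if not m:
            raise ValueError(f"bad constraint clause: {clause!r}")
        op, bound = m.groups()
        if not _OPS[op](v, parse_version(bound)):
            return False
    return True


def affected_cves(version, table=AFFECTED):
    """Sorted CVE IDs whose affected ranges include `version`."""
    return sorted(cve for cve, ranges in table.items()
                  if any(in_range(version, r) for r in ranges))


def installed_version(composer_lock_text, package="magento/community-edition"):
    """Extract the installed version of `package` from composer.lock content.
    Checks both the runtime and dev package sections; returns None if absent."""
    data = json.loads(composer_lock_text)
    for section in ("packages", "packages-dev"):
        for pkg in data.get(section, []):
            if pkg.get("name") == package:
                return pkg.get("version")
    return None


# Constructed composer.lock fragment for the demonstration; not a real lock file.
SAMPLE_LOCK = json.dumps({
    "packages": [{"name": "magento/community-edition", "version": "2.3.2-p1"}]
})

if __name__ == "__main__":
    ver = installed_version(SAMPLE_LOCK)
    print(ver, "->", affected_cves(ver))
```

Running the block against the constructed lock file reports 2.3.2-p1 as still inside the CVE-2019-8151 range (its upper bound is 2.3.2-p2) while correctly placing 2.4.2-p2 outside every range in the subset; a comparator that sorted -p1 before the base release would get the first of those wrong.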