Vulnerabilities > Adobe > Adobe Commerce > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-01 CVE-2021-36040 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.
network
low complexity
adobe CWE-434
7.2
2021-09-01 CVE-2021-36041 Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability.
network
low complexity
adobe CWE-20
7.2
2021-09-01 CVE-2021-36042 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento Open Source
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension.
network
low complexity
adobe CWE-434
7.2