Vulnerabilities > Magento > Magento > 2.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-05 | CVE-2019-8124 | Insufficient Verification of Data Authenticity vulnerability in Magento An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 4.0 |
2019-11-05 | CVE-2019-8122 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 6.5 |
2019-11-05 | CVE-2019-8121 | Unspecified vulnerability in Magento An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 7.5 |
2019-11-05 | CVE-2019-8120 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 3.5 |
2019-11-05 | CVE-2019-8119 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 6.5 |
2019-11-05 | CVE-2019-8118 | Cleartext Storage of Sensitive Information vulnerability in Magento Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts. | 5.0 |
2019-11-05 | CVE-2019-8090 | Unspecified vulnerability in Magento An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 5.5 |
2019-10-30 | CVE-2019-8235 | Authorization Bypass Through User-Controlled Key vulnerability in Magento An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. | 4.0 |
2019-08-02 | CVE-2019-7951 | Information Exposure vulnerability in Magento An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 5.0 |
2019-08-02 | CVE-2019-7950 | Authorization Bypass Through User-Controlled Key vulnerability in Magento An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 5.0 |