Vulnerabilities > Magento > Magento > 2.2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-02 | CVE-2019-7929 | Information Exposure vulnerability in Magento An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 4.0 |
2019-08-02 | CVE-2019-7928 | Unspecified vulnerability in Magento A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 5.0 |
2019-08-02 | CVE-2019-7927 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7926 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7925 | Authorization Bypass Through User-Controlled Key vulnerability in Magento An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 5.5 |
2019-08-02 | CVE-2019-7923 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |
2019-08-02 | CVE-2019-7921 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 3.5 |
2019-08-02 | CVE-2019-7915 | Unspecified vulnerability in Magento A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 5.0 |
2019-08-02 | CVE-2019-7913 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |
2019-08-02 | CVE-2019-7912 | Unrestricted Upload of File with Dangerous Type vulnerability in Magento A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |