Vulnerabilities > Magento > Low

DATE CVE VULNERABILITY TITLE RISK
2021-09-08 CVE-2021-28566 Unspecified vulnerability in Magento
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image.
network
low complexity
magento
2.7
2020-11-09 CVE-2020-24403 Unspecified vulnerability in Magento
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect user permissions vulnerability within the Inventory component.
network
low complexity
magento
2.7
2020-11-09 CVE-2020-24404 Unspecified vulnerability in Magento
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability within the Integrations component.
network
low complexity
magento
2.7
2020-11-09 CVE-2020-24406 Path Traversal vulnerability in Magento
When in maintenance mode, Magento version 2.4.0 and 2.3.4 (and earlier) are affected by an information disclosure vulnerability that could expose the installation path during build deployments.
network
high complexity
magento CWE-22
3.7