Vulnerabilities > Openmage
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-11 | CVE-2023-41879 | Use of Insufficiently Random Values vulnerability in Openmage Magento Magento LTS is the official OpenMage LTS codebase. | 7.5 |
| 2023-01-28 | CVE-2023-23617 | Infinite Loop vulnerability in Openmage Magento OpenMage LTS is an e-commerce platform. | 7.5 |
| 2023-01-27 | CVE-2021-41143 | Path Traversal vulnerability in Openmage Magento OpenMage LTS is an e-commerce platform. | 7.2 |
| 2023-01-27 | CVE-2021-41144 | Command Injection vulnerability in Openmage Magento OpenMage LTS is an e-commerce platform. | 8.8 |
| 2023-01-27 | CVE-2021-41231 | Unrestricted Upload of File with Dangerous Type vulnerability in Openmage Magento OpenMage LTS is an e-commerce platform. | 7.2 |
| 2023-01-27 | CVE-2021-39217 | Command Injection vulnerability in Openmage Magento OpenMage LTS is an e-commerce platform. | 7.2 |
| 2023-01-27 | CVE-2021-21395 | Cross-Site Request Forgery (CSRF) vulnerability in Openmage Magento Magneto LTS (Long Term Support) is a community developed alternative to the Magento CE official releases. | 4.3 |
| 2021-08-27 | CVE-2021-32759 | Improper Input Validation vulnerability in Openmage Magento OpenMage magento-lts is an alternative to the Magento CE official releases. | 6.5 |
| 2021-08-27 | CVE-2021-32758 | XML Injection (aka Blind XPath Injection) vulnerability in Openmage OpenMage Magento LTS is an alternative to the Magento CE official releases. | 9.0 |
| 2021-04-21 | CVE-2021-21427 | SQL Injection vulnerability in Openmage Magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). | 6.5 |