See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Access Control BypassCVE-2023-22250
Affects magento/community-edition | Versions >=2.4.4-p1, <2.4.4-p3>=2.4.5-p1, <2.4.5-p2
Has fix
ComposerPublished 5 Mar 2025
- M
Missing Support for Integrity CheckCVE-2023-29290
Affects magento/community-edition | Versions >=2.4.5-p1, <2.4.5-p3>=2.4.4-p1, <2.4.4-p4
Has fix
ComposerPublished 5 Mar 2025
- H
Improper AuthorizationCVE-2023-38220
Affects magento/community-edition | Versions >=2.4.4-p1, <2.4.4-p6>=2.4.5-p1, <2.4.5-p5>=2.4.6-p1, <2.4.6-p3>=2.4.7-beta1, <2.4.7-beta2
Has fix
ComposerPublished 5 Mar 2025
- M
Improper Check for Unusual or Exceptional ConditionsCVE-2025-24425
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Incorrect AuthorizationCVE-2025-24421
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24428
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Access Control BypassCVE-2025-24437
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Access Control BypassCVE-2025-24436
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Access Control BypassCVE-2025-24435
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Access Control BypassCVE-2025-24427
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- H
Information ExposureCVE-2025-24408
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Access Control BypassCVE-2025-24429
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- H
Access Control BypassCVE-2025-24411
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- H
Improper AuthorizationCVE-2025-24409
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Directory TraversalCVE-2025-24406
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24410
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Time-of-check Time-of-use (TOCTOU) Race ConditionCVE-2025-24430
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Time-of-check Time-of-use (TOCTOU) Race ConditionCVE-2025-24432
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24438
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24412
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24414
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24416
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24413
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24415
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- M
Cross-site Scripting (XSS)CVE-2025-24417
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 4 Mar 2025
- C
Improper AuthorizationCVE-2025-24434
Affects magento/community-edition | Versions <2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2
Has fix
ComposerPublished 20 Feb 2025
- M
Cross-site Scripting (XSS)CVE-2024-45116
Affects magento/community-edition | Versions <2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3
Has fix
ComposerPublished 13 Oct 2024
- M
Access Control BypassCVE-2024-45122
Affects magento/community-edition | Versions <2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3
Has fix
ComposerPublished 13 Oct 2024
- M
Access Control BypassCVE-2024-45118
Affects magento/community-edition | Versions <2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3
Has fix
ComposerPublished 13 Oct 2024
- M
Improper Input ValidationCVE-2024-45117
Affects magento/community-edition | Versions <2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3
Has fix
ComposerPublished 13 Oct 2024