See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Cross-site Scripting (XSS)CVE-2022-35698
Affects magento/community-edition | Versions <2.4.4-p2>=2.4.5, <2.4.5-p1
Has fix
ComposerPublished 8 Dec 2022
- H
Improper Input ValidationCVE-2022-42344
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- M
Improper Access ControlCVE-2022-34259
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- L
Cross-site Scripting (XSS)CVE-2022-34258
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- M
Cross-site Scripting (XSS)CVE-2022-34257
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- L
Improper AuthorizationCVE-2022-35692
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- H
Improper AuthorizationCVE-2022-34256
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- C
Improper Input ValidationCVE-2022-24093
Affects magento/community-edition | Versions <2.3.7-p3>=2.4.3, <2.4.3-p2
Has fix
ComposerPublished 8 Dec 2022
- M
Improper Access ControlCVE-2022-35689
Affects magento/community-edition | Versions <2.4.4-p2>=2.4.5, <2.4.5-p1
Has fix
ComposerPublished 8 Dec 2022
- H
Improper Input ValidationCVE-2022-34255
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- H
Path TraversalCVE-2022-34254
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- C
XML InjectionCVE-2022-34253
Affects magento/community-edition | Versions <2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1
Has fix
ComposerPublished 8 Dec 2022
- C
Improper Input ValidationCVE-2022-24087
Affects magento/community-edition | Versions >=0.0.0
Has fix
ComposerPublished 20 Feb 2022
- H
Improper Input ValidationCVE-2022-24086
Affects magento/community-edition | Versions >=2.3.3-p1, <2.3.7-p3>=2.4.0, <2.4.3-p2
Has fix
ComposerPublished 14 Feb 2022
- M
Cross-site Request Forgery (CSRF)CVE-2021-39864
Affects magento/community-edition | Versions <2.3.7-p2>=2.4.0, <2.4.3-p1
Has fix
ComposerPublished 13 Oct 2021
- M
Security BypassCVE-2021-36012
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- C
Arbitrary Code ExecutionCVE-2021-36036
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- H
Denial of Service (DoS)CVE-2021-36044
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- C
Improper AuthorizationCVE-2021-36029
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- C
Arbitrary Code ExecutionCVE-2021-36021
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- M
Improper AuthorizationCVE-2021-36037
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- H
Privilege EscalationCVE-2021-36032
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- M
Cross-site Scripting (XSS)CVE-2021-36026
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 12 Sept 2021
- H
XML InjectionCVE-2021-36028
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- M
Improper Input ValidationCVE-2021-36039
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- M
Server-side Request Forgery (SSRF)CVE-2021-36043
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- M
Improper Input ValidationCVE-2021-36038
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- C
XML InjectionCVE-2021-36020
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- H
Improper Input ValidationCVE-2021-36030
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021
- H
Directory TraversalCVE-2021-36031
Affects magento/community-edition | Versions >=2.4.0, <2.4.2-p2<2.3.7-p1
Has fix
ComposerPublished 11 Sept 2021