# Adobe Commerce
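> `LAB ONLY` | `AUTHORIZED TARGETS ONLY` | Auto-generated index
- System ID: `adobe-commerce`
- Category: `ecommerce`
- Coverage policy: `history-full`
- Total cases: `81`
- Added/updated in the last 30 days: `0`
- Key Markdown cases: `0`
- Verified (real version): `0`
- Verified (synthetic): `0`
- Blocked: `0`
- Pending manual review / missing browser evidence: `81`
- Last rendered: `2026-04-01T09:21:04+00:00`
## Target constraints
- Applicable target types: `lab-local, lab-public, authorized-third-party`
- Public-network verification allowed: `yes, but ownership or authorization is required`
- Authorization prerequisite: asset ownership can be proven, or written/explicit authorization has been obtained.
- Minimal verification methods: minimal verification, read-only probing, auditable echo, controlled injection.
- Prohibited scenarios: public-network targets without proof of ownership or explicit authorization; well-known public websites or third-party assets unrelated to the test; actions that cause persistent damage, unauthorized data download, or irreversible impact
## Sources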
- `official` [Adobe Security Bulletins](https://helpx.adobe.com/security/products/magento.html) (mode=core)
- `official` [Adobe Magento Security Index](https://helpx.adobe.com/security/products/magento.html) (mode=core)
- `official` [NVD Adobe Commerce](https://nvd.nist.gov/vuln/search) (keyword=Adobe Commerce; mode=core)
- `ecosystem-authority` [GHSA Adobe Commerce](https://github.com/advisories) (ecosystem=composer; mode=core)
- `ecosystem-authority` [Sansec Research](https://sansec.io/research) (mode=extension)
## Case list
| Title | Severity | Case status | Verification status | Verification method | Source confidence | Updated | Case page |
|------|--------|----------|----------|----------|------------|----------|--------|
| CVE-2024-20759 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2025-02-11T15:59:16.957` | - |
| CVE-2024-20758 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2025-04-16T14:53:40.187` | - |
| CVE-2024-20720 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:53:01.000` | - |
| CVE-2024-20719 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:53:00.843` | - |
| CVE-2024-20718 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:53:00.647` | - |
| CVE-2024-20717 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:52:59.233` | - |
| CVE-2024-20716 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:52:59.103` | - |
| CVE-2023-38251 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:11.070` | - |
| CVE-2023-38250 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:10.920` | - |
| CVE-2023-38249 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:10.773` | - |
| CVE-2023-38221 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:07.010` | - |
| CVE-2023-38220 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:06.863` | - |
| CVE-2023-38219 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:06.720` | - |
| CVE-2023-38218 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:06.583` | - |
| CVE-2023-26367 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:51:12.530` | - |
| CVE-2023-26366 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:51:12.390` | - |
| CVE-2022-24093 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T06:49:47.413` | - |
| CVE-2023-38209 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:05.447` | - |
| CVE-2023-38208 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:05.317` | - |
| CVE-2023-38207 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T08:13:05.193` | - |
| CVE-2023-29297 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:49.170` | - |
| CVE-2023-29296 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:49.063` | - |
| CVE-2023-29295 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.960` | - |
| CVE-2023-29294 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.850` | - |
| CVE-2023-29293 | `low` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.747` | - |
| CVE-2023-29292 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.640` | - |
| CVE-2023-29291 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.530` | - |
| CVE-2023-29290 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.423` | - |
| CVE-2023-29289 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.313` | - |
| CVE-2023-29288 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.197` | - |
| CVE-2023-29287 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:56:48.080` | - |
| CVE-2023-22248 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:44:23.877` | - |
| CVE-2023-22251 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:44:24.210` | - |
| CVE-2023-22250 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:44:24.110` | - |
| CVE-2023-22249 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:44:24.003` | - |
| CVE-2023-22247 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:44:23.737` | - |
| CVE-2022-42344 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:24:47.620` | - |
| CVE-2022-35698 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:11:30.073` | - |
| CVE-2022-35689 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:11:28.990` | - |
| CVE-2022-35692 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:11:29.357` | - |
| CVE-2022-34259 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:10.063` | - |
| CVE-2022-34258 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.953` | - |
| CVE-2022-34257 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.827` | - |
| CVE-2022-34256 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.690` | - |
| CVE-2022-34255 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.567` | - |
| CVE-2022-34254 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.437` | - |
| CVE-2022-34253 | `high` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T07:09:09.320` | - |
| CVE-2022-24086 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2025-10-23T14:51:16.013` | - |
| CVE-2021-39864 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T06:20:25.057` | - |
| CVE-2021-36035 | `critical` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T06:12:59.820` | - |
| APSB26-05: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB21-86 Security updates available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB20-22 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB20-41 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-61: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-88: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB22-38: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB23-42: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB21-30 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-26: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Back to top | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-73: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB23-17: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-18: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB23-50: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB23-35: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-71: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB22-12 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB21-08 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-40: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-90: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-08: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-94: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB22-48: Security updates available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB20-02 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB20-59 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB22-13: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB21-64 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB25-50: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB24-03: Security update available for Adobe Commerce | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| APSB20-47 Security updates available for Magento | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |