On this page
某些 Creative Cloud 应用程序、服务和功能在中国不可用。
Magento has released updates for Magento Commerce 1 and Magento Open Source 1. These updates resolve vulnerabilities rated Important and Critical . Successful exploitation could lead to arbitrary code execution.
Support for Magento Commerce 1.14 and Magento Open Source 1 is ending in June 2020. This will be the final security patches available for these editions.
Note:
Magento Commerce 1 is formerly known as Magento Enterprise Edition, and Magento Open Source 1 is formerly known as Magento Community Edition.
| Product | Version | Platform |
|---|---|---|
| Magento Commerce 1 |
1.14.4.5 and earlier versions |
All |
| Magento Open Source 1 |
1.9.4.5 and earlier versions |
All |
Note:
These vulnerabilities do not impact Magento Commerce or Magento Open Source.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version.
| Product | Version | Platform | Priority Rating | Availability |
| Magento Commerce 1 |
SUPEE-11346 | All |
2 |
My Account > Downloads Tab > Magento Commerce 1.X > Magento Commerce 1.x > Support and Security Patches > Security Patches > Security |
| Magento Open Source 1 |
SUPEE-11346 | All |
2 |
Magento Open Source Download Page > Release Archive Tab > Magento Open Source Patches - 1.x Section |
Note:
Pre-authentication: The vulnerability is exploitable without credentials.
Admin privileges required: The vulnerability is only exploitable by an attacker with administrative privileges.