Skip to content

OpenMage Docs

Release v19.4.8 and v20.0.4

Initializing search

OpenMage/magento-lts

Get started
API
Development
Modules
Blog

OpenMage Docs

OpenMage/magento-lts

Get started
Get started
- Requirements
- Installing
  Installing
- Changelog
  Changelog
- Versioning
  Versioning
  - Currently Maintained
- Quick links
  Quick links
  - Tags
API
API
- REST
  REST
  - Common HTTP status codes
  - HTTP methods
  - Use filters
  - Resources
    Resources
    
    Products
    Products
    
    Product Categories
    
    Customers
    Customers
    
    Customers
  - Response Formats
  - Testing
- JSON-RPC
  JSON-RPC
  - Resources
    Resources
    
    Products
    Products
    
    Catalog Category API
    
    Catalog Product API
    
    Catalog Product Attribute API
    
    Inventory
    Inventory
    
    Catalog Inventory Stock Item API
    
    Customers
    Customers
    
    Customer API
    
    Customer Group API
    
    Customer Address API
    
    Sales
    Sales
    
    Sales Order API
    
    Sales Order Shipment API
    
    Sales Order Credit Memo API
    
    Sales Order Invoice API
Development
Development
- Installation
  Installation
  - DDEV
  - Docker Compose
- Coding Style
  Coding Style
  - PER-2.0
- Events
  Events
  - Events list
- Tools
  Tools
  - n98-magerun
  - PhpStorm
- Multistore
  Multistore
  - Error pages
- Samples
  Samples
  - php.ini
  - robots.txt
- Guides
  Guides
- Documentation
  Documentation
  - MkDocs
Modules
Modules
- Analytics
- Back-end
- Cache
- Captcha
- Cron
- Email
- Front-end
- Images
- Log & Debug
- Payment
- Themes
  Themes
  - Front-end
- User Guides
  User Guides
  - Swatches
Blog
Blog
- Archive
  Archive
  - 2025
  - 2024
  - 2023
  - 2022
  - 2021
  - 2020
  - 2019
- Categories
  Categories

Colin Mollenhour
Maintainer

Metadata
- October 20, 2020
- in Releases v19, Releases v20, Security
- 1 min read

New Release 19.4.8 and 20.0.4¶

CVE-2020-15244 ³ is our second OpenMage CVE and our first CVE that is wholly independent of Adobe! ¹ ²

This vulnerability was disclosed to us privately from a community member via our HackerOne program and patched in versions 19.4.8 and 20.0.4. Please update to one of these version to receive the patch.

A big thanks to Luke Rogers for submitting the report!

Release v19.4.8 ↩
Release v20.0.4 ↩
Security advisory GHSA-jrgf-vfw2-hj26 ↩

Release v19.4.7 and v20.0.3

Release v19.4.9 and v20.0.5

OpenMage contributors