64 行
1.8 KiB
JSON
64 行
1.8 KiB
JSON
{
|
|
"canonical_id": "magento-open-source--CVE-2019-7854",
|
|
"system_id": "magento-open-source",
|
|
"display_name": "Magento Open Source",
|
|
"category": "ecommerce",
|
|
"advisory_mode": "core",
|
|
"title": "CVE-2019-7854",
|
|
"summary": "An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details.",
|
|
"published_at": "2019-08-02T22:15:14.910",
|
|
"updated_at": "2024-11-21T04:48:52.000",
|
|
"severity": "high",
|
|
"cvss_score": 7.5,
|
|
"exploit_status": "unknown",
|
|
"source_confidence": "official",
|
|
"official_source_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23",
|
|
"secondary_source_urls": [],
|
|
"aliases": [
|
|
"CVE-2019-7854"
|
|
],
|
|
"cve_ids": [
|
|
"CVE-2019-7854"
|
|
],
|
|
"ghsa_ids": [],
|
|
"osv_ids": [],
|
|
"affected_versions": [],
|
|
"fixed_versions": [],
|
|
"package_name": null,
|
|
"render_markdown": false,
|
|
"case_path": null,
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"file-upload-validation",
|
|
"plugin-extension-trust-policy"
|
|
],
|
|
"status": "triage",
|
|
"triage_reasons": [
|
|
"missing affected/fixed version details"
|
|
],
|
|
"verification_status": "triage-manual",
|
|
"verification_mode": "synthetic",
|
|
"last_verified_at": null,
|
|
"last_run_id": null,
|
|
"evidence_bundle": null,
|
|
"historical_status": null,
|
|
"latest_status": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
},
|
|
"repro_profile_id": "plugin-extension-generic",
|
|
"artifact_mode": "synthetic",
|
|
"blocked_reason": null,
|
|
"metadata": {
|
|
"source_names": [
|
|
"NVD Magento"
|
|
],
|
|
"source_kinds": [
|
|
"nvd-search"
|
|
],
|
|
"candidate_count": 1
|
|
}
|
|
}
|