64 行
1.8 KiB
JSON
64 行
1.8 KiB
JSON
{
|
|
"canonical_id": "magento-open-source--CVE-2019-7855",
|
|
"system_id": "magento-open-source",
|
|
"display_name": "Magento Open Source",
|
|
"category": "ecommerce",
|
|
"advisory_mode": "core",
|
|
"title": "CVE-2019-7855",
|
|
"summary": "A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.",
|
|
"published_at": "2019-08-02T22:15:14.970",
|
|
"updated_at": "2024-11-21T04:48:52.113",
|
|
"severity": "medium",
|
|
"cvss_score": 5.3,
|
|
"exploit_status": "unknown",
|
|
"source_confidence": "official",
|
|
"official_source_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23",
|
|
"secondary_source_urls": [],
|
|
"aliases": [
|
|
"CVE-2019-7855"
|
|
],
|
|
"cve_ids": [
|
|
"CVE-2019-7855"
|
|
],
|
|
"ghsa_ids": [],
|
|
"osv_ids": [],
|
|
"affected_versions": [],
|
|
"fixed_versions": [],
|
|
"package_name": null,
|
|
"render_markdown": false,
|
|
"case_path": null,
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"file-upload-validation",
|
|
"plugin-extension-trust-policy"
|
|
],
|
|
"status": "triage",
|
|
"triage_reasons": [
|
|
"missing affected/fixed version details"
|
|
],
|
|
"verification_status": "triage-manual",
|
|
"verification_mode": "synthetic",
|
|
"last_verified_at": null,
|
|
"last_run_id": null,
|
|
"evidence_bundle": null,
|
|
"historical_status": null,
|
|
"latest_status": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
},
|
|
"repro_profile_id": "plugin-extension-generic",
|
|
"artifact_mode": "synthetic",
|
|
"blocked_reason": null,
|
|
"metadata": {
|
|
"source_names": [
|
|
"NVD Magento"
|
|
],
|
|
"source_kinds": [
|
|
"nvd-search"
|
|
],
|
|
"candidate_count": 1
|
|
}
|
|
}
|