Lucene search

Magento 2 Community Edition SSRF vulnerability

🗓️ 24 May 2022 16:27:52Reported by GitHub Advisory DatabaseType

Magento 2 SSRF vulnerability 2.1.18, 2.2.9, 2.3.

Reporter	Title	Published	Views	Family All 8
OSV	Magento 2 Community Edition SSRF vulnerability	24 May 202216:52	–	osv
OSV	CVE-2019-7913	2 Aug 201922:15	–	osv
Cvelist	CVE-2019-7913	2 Aug 201921:27	–	cvelist
NVD	CVE-2019-7913	2 Aug 201922:15	–	nvd
Prion	Server side request forgery (ssrf)	2 Aug 201922:15	–	prion
CVE	CVE-2019-7913	2 Aug 201922:15	–	cve
Friends Of PHP	PRODSECBUG-2322: Arbitrary code execution due to unsafe handling of a shipping gateway	25 Jun 201900:00	–	friendsofphp
OpenVAS	Magento 2.1.x < 2.1.18, 2.2.x < 2.2.9, 2.3.x < 2.3.2 Multiple Vulnerabilities (Jun 2019)	4 Jul 201900:00	–	openvas

Vulners

Node

magento community\-editionRange2.3.0–2.3.2

magento community\-editionRange2.2.0–2.2.9

magento community\-editionRange2.1.0–2.1.18

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-7913
web	www.web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7913.yaml
magento	www.magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
github	www.github.com/advisories/GHSA-hppc-rpfp-r8qw

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 16:52Current

7.6High risk

Vulners AI Score7.6

CVSS26.5

CVSS37.2

EPSS0.00254

CWE-918