10 matches found
EUVD-2019-0736
Malware in sbrugna...
CWFF - Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible using concurrency and it's heavily inspired by @tomnomnom's Who, What, Where, When, Wordlist NahamCon2020. Usage CWFF -h --threads --github --subdomains --recursive...
Using JS libraries with known security vulnerabilities
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
GHSA-89CH-HQF9-RGP3 Using JS libraries with known security vulnerabilities
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
Design/Logic Flaw
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...
CVE-2019-8121
CVE-2019-8121 affects Magento 2.x prior to the listed fixes: 2.1 before 2.1.19, 2.2 before 2.2.10, and 2.3 before 2.3.3. The issue arises from Magento’s codebase using outdated JS libraries (Bootstrap, jQuery, Knockout) with known vulnerabilities. The documented impact is high/critical, and remed...
PRODSECBUG-2447: Using JS libraries with known security vulnerabilities
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...