CVE-2019-8090
- Source
- https://cve.org/CVERecord?id=CVE-2019-8090
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-8090.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-8090
- Aliases
- Published
- 2019-11-05T22:15:14.080Z
- Modified
- 2026-04-10T04:20:22.086288Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated users can manipulate the design layout update feature.
- References
Affected packages
Git / github.com/magento/devdocs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/magento/devdocs
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "2.2.0" }, { "fixed": "2.2.10" }, { "introduced": "2.2.0" }, { "fixed": "2.2.10" }, { "introduced": "2.3.0" }, { "fixed": "2.3.2" }, { "introduced": "2.3.0" }, { "fixed": "2.3.2" }, { "introduced": "0" }, { "last_affected": "2.3.2-NA" }, { "introduced": "0" }, { "last_affected": "2.3.2-NA" } ] }