GHSA-jrgf-vfw2-hj26
Suggest an improvement- Source
- https://github.com/advisories/GHSA-jrgf-vfw2-hj26
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/10/GHSA-jrgf-vfw2-hj26/GHSA-jrgf-vfw2-hj26.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-jrgf-vfw2-hj26
- Aliases
- Related
- Published
- 2020-10-30T17:06:06Z
- Modified
- 2026-02-04T03:37:48.472612Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- RCE via PHP Object injection via SOAP Requests
- Details
-
Impact
This vulnerability allows an admin user to generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product.
Patches
The latest OpenMage Versions up from 19.4.7 and 20.0.3 have this Issue solved
Credits
Credit to Luke Rodgers for reporting
- Database specific
{ "nvd_published_at": "2020-10-21T20:15:00Z", "github_reviewed_at": "2020-10-30T16:25:06Z", "github_reviewed": true, "cwe_ids": [ "CWE-502", "CWE-74" ], "severity": "HIGH" }- References
Affected packages
Packagist / openmage/magento-lts
Package
- Name
- openmage/magento-lts
- Purl
- pkg:composer/openmage/magento-lts
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed19.4.8
Packagist / openmage/magento-lts
Package
- Name
- openmage/magento-lts
- Purl
- pkg:composer/openmage/magento-lts