CVE-2019-7899
- Source
- https://cve.org/CVERecord?id=CVE-2019-7899
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-7899.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-7899
- Aliases
- Published
- 2019-08-02T22:15:17.393Z
- Modified
- 2026-04-11T12:23:53.375256Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
- Database specific
{ "unresolved_ranges": [ { "cpe": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", "extracted_events": [ { "fixed": "1.14.4.2" } ], "source": "CPE_FIELD" }, { "cpe": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", "extracted_events": [ { "fixed": "1.9.4.2" } ], "source": "CPE_FIELD" } ] }- References
Affected packages
Git / github.com/magento/devdocs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/magento/devdocs
- Events
- Database specific
{ "cpe": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", "extracted_events": [ { "introduced": "2.1.0" }, { "fixed": "2.1.18" }, { "introduced": "2.2.0" }, { "fixed": "2.2.9" }, { "introduced": "2.3.0" }, { "fixed": "2.3.2" } ], "source": "CPE_FIELD" }