CVE-2020-9588

Published: 2020-06-26T21:15Z

Last Modified: 2024-11-21T05:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt