Skip to main content

Magento2

1 CVEs product

Monthly

CVE-2016-6485 PHP HIGH PATCH This Week

The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe PHP Information Disclosure Magento2
NVD GitHub
CVSS 3.0
7.5
EPSS
0.1%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe PHP Information Disclosure +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy