Lucene search
GoogleOSV:CVE-2021-21426HistoryApr 21, 2021 - 9:15 p.m.
CVE-2021-21426
2021-04-2121:15:07
Google
osv.dev
4
Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured deserialization of an object. A patch in versions 19.4.13 and 20.0.9 was back ported from Zend Framework 3. The vulnerability was assigned CVE-2021-3007 in Zend Framework.
| CPE | Name | Operator | Version |
|---|---|---|---|
| magento-lts | eq | 19.4.6 | |
| magento-lts | eq | 19.4.11 | |
| magento-lts | eq | 19.4.5 | |
| magento-lts | eq | 20.0.0 | |
| magento-lts | eq | 19.4.8 | |
| magento-lts | eq | 19.4.9 | |
| magento-lts | eq | 19.4.7 | |
| magento-lts | eq | 19.4.10 | |
| magento-lts | eq | 19.4.12 |
Related
cve
cve
CVE-2021-21426
2021-04-21 21:15:07
CVE-2021-3007
2021-01-04 03:15:13
nvd
nvd
CVE-2021-21426
2021-04-21 21:15:07
CVE-2021-3007
2021-01-04 03:15:13
github
github
Fixes a bug in Zend Framework's Stream HTTP Wrapper
2021-04-22 16:10:49
Remote code execution in zendframework and laminas-http
2021-06-08 20:11:19
osv
osv
Fixes a bug in Zend Framework's Stream HTTP Wrapper
2021-04-22 16:10:49
Remote code execution in zendframework and laminas-http
2021-06-08 20:11:19
prion
prion
Deserialization of untrusted data
2021-04-21 21:15:00
Deserialization of untrusted data
2021-01-04 03:15:00
cvelist
cvelist
CVE-2021-21426 Fixes a bug in Zend Framework's Stream HTTP Wrapper
2021-04-21 20:15:18
CVE-2021-3007
2021-01-04 02:26:45
threatpost
threatpost
RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework
2021-01-05 22:28:17
Linux Devices Under Attack by New FreakOut Malware
2021-01-19 15:51:30
checkpoint_advisories
checkpoint_advisories
Zend Framework Remote Code Execution (CVE-2021-3007)
2021-01-17 00:00:00
securelist
securelist
DDoS attacks in Q1 2021
2021-05-10 10:00:15
Cyberthreats to financial organizations in 2022
2021-11-23 10:00:13
veracode
veracode
Remote Code Execution (RCE)
2021-04-22 09:11:55
Remote Code Execution (RCE)
2021-04-22 03:11:57
attackerkb
attackerkb
CVE-2021-3007
2021-01-04 00:00:00
CVE-2020-7961
2020-03-20 00:00:00
thn
thn
FreakOut! Ongoing Botnet Attack Exploiting Recent Linux Vulnerabilities
2021-01-19 10:59:00
impervablog
impervablog
Python Cryptominer Botnet Quickly Adopts Latest Vulnerabilities
2021-01-14 17:04:59