CVE-2019-19326
First published: Tue Jul 14 2020(Updated: )
CVE-2019-19326: Web Cache Poisoning through HTTPRequestBuilder
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/silverstripe/framework | >=4.0.0<4.4.7>=4.5.0<4.5.4>=3.0.0<3.7.5 | |
| Silverstripe silverstripe | >=3.0.0<3.7.5 | |
| Silverstripe silverstripe | >=4.0.0<4.4.7 | |
| Silverstripe silverstripe | >=4.5.0<4.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-19326?
CVE-2019-19326 is a vulnerability that allows for web cache poisoning through HTTPRequestBuilder.
Which software is affected by CVE-2019-19326?
CVE-2019-19326 affects the SilverStripe framework versions 4.0.0 to 4.4.7, 4.5.0 to 4.5.4, and 3.0.0 to 3.7.5.
How can I fix the CVE-2019-19326 vulnerability?
To fix the CVE-2019-19326 vulnerability, update your SilverStripe framework to a non-vulnerable version.
Where can I find more information about CVE-2019-19326?
You can find more information about CVE-2019-19326 at the following link: https://www.silverstripe.org/download/security-releases/cve-2019-19326/
How severe is the CVE-2019-19326 vulnerability?
The severity of the CVE-2019-19326 vulnerability depends on the specific implementation and configuration of the affected software.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/friends-of-php
- collector/nvd-index
- package-manager/composer
- vendor/silverstripe
- canonical/silverstripe silverstripe
- version/silverstripe silverstripe/3.0.0
- version/silverstripe silverstripe/4.0.0
- version/silverstripe silverstripe/4.5.0