First published: Tue Jul 14 2020(Updated: )
CVE-2019-19326: Web Cache Poisoning through HTTPRequestBuilder
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/silverstripe/framework | >=4.0.0<4.4.7>=4.5.0<4.5.4>=3.0.0<3.7.5 | |
Silverstripe silverstripe | >=3.0.0<3.7.5 | |
Silverstripe silverstripe | >=4.0.0<4.4.7 | |
Silverstripe silverstripe | >=4.5.0<4.5.4 | |
composer/silverstripe/framework | >=3.0.0<3.7.5 | 3.7.5 |
composer/silverstripe/framework | >=4.5.0<4.5.4 | 4.5.4 |
composer/silverstripe/framework | >=4.0.0<4.4.7 | 4.4.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19326 is a vulnerability that allows for web cache poisoning through HTTPRequestBuilder.
CVE-2019-19326 affects the SilverStripe framework versions 4.0.0 to 4.4.7, 4.5.0 to 4.5.4, and 3.0.0 to 3.7.5.
To fix the CVE-2019-19326 vulnerability, update your SilverStripe framework to a non-vulnerable version.
You can find more information about CVE-2019-19326 at the following link: https://www.silverstripe.org/download/security-releases/cve-2019-19326/
The severity of the CVE-2019-19326 vulnerability depends on the specific implementation and configuration of the affected software.