CVE-2020-9690
packagist/magento/community-edition
Information Exposure Through Discrepancy
Magento has an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
All versions before 2.3.5-p2
Upgrade to version 2.3.5-p2 or above.
2020-07-31
source |