CVE-2020-3716

Summary

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AdobeMagento2.3.3 and earlieraffected
AdobeMagento2.2.10 and earlieraffected
AdobeMagento1.14.4.3 and earlieraffected
AdobeMagento1.9.4.3 and earlier versionsaffected

Weaknesses

  • Deserialization of untrusted data

ADP Enrichment

CVE Program Container

Additional References

References