title: 'PRODSECBUG-2375: Arbitrary code execution via malicious XML layouts'
link: 'https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13'
cve: CVE-2019-7942
branches:
'2.1':
time: '2019-06-25 00:00:00'
versions: ['>=2.1', '<2.1.18']
'2.2':
time: '2019-06-25 00:00:00'
versions: ['>=2.2', '<2.2.9']
'2.3':
time: '2019-06-25 00:00:00'
versions: ['>=2.3', '<2.3.2']
reference: 'composer://magento/product-community-edition'
composer-repository: false
|