Description
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts.
Remediation
References
Related Vulnerabilities
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)
Oracle Database Server CVE-2023-22071 Vulnerability (CVE-2023-22071)
WordPress 5.0.x PHP Object Injection (5.0 - 5.0.12)
WordPress Plugin eBay Feeds for WordPress Cross-Site Scripting (1.0)
WordPress Plugin Double Opt-In for Download Multiple Cross-Site Scripting Vulnerabilities (2.1.5)