Magento官网安全更新(2019-10-08)

来源:Magento官网 发布日期:2019-10-08 阅读次数:264

基本信息

发布日期:2019-10-08(官方当地时间)

更新类型: 安全更新

更新版本: 2.3.3;2.2.10

感知时间:2019-12-05 19:42:01

风险等级: 严重

情报贡献: TSRC

更新标题

Magento 2.3.3 and 2.2.10 Security Update

更新详情

Magento Commerce and Open Source 2.3.3, 2.3.2-p1 and 2.2.10 contain tens of security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities. Merchants who have not previously downloaded a Magento 2 release should go straight to Magento Commerce or Open Source 2.3.3.Please refer to Security Best Practices for additional information how to secure your site. The Magento 2.2.10 software release marks the final supported software release for Magento version 2.1.x. As of June 30 2019, Magento 2.1.x will no longer receive security updates or product quality fixes now that its support window has expired.To download the releases, choose from the following options:

软件描述

Magento是一套专业开源的电子商务系统

CVE编号

CVE-2019-8129

USRC分析

暂无

业界资讯

暂无