Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certificate validations.
References
Link | Resource |
---|---|
https://github.com/globalpayments/php-sdk/compare/1.3.3...2.0.0 | Patch Release Notes Third Party Advisory |
https://github.com/globalpayments/php-sdk/pull/8 | Exploit Third Party Advisory |
https://github.com/globalpayments/php-sdk/releases/tag/2.0.0 | Release Notes Third Party Advisory |
https://winterdragon.ca/global-payments-vulnerability/ | Exploit Patch Third Party Advisory URL Repurposed |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-14T15:43:53
Updated: 2021-11-01T11:02:03
Reserved: 2020-02-14T00:00:00
Link: CVE-2019-20455
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-14T16:15:09.680
Modified: 2024-02-14T01:17:43.863
Link: CVE-2019-20455
JSON object: View
Redhat Information
No data.
CWE