CVE-2019-7860

Name of the Vulnerable Software and Affected Versions Magento versions 2.1 prior to 2.1.18 Magento versions 2.2 prior to 2.2.9 Magento versions 2.3 prior to 2.3.2

Description A cryptographically weak pseudo-random number generator is used in multiple security-relevant contexts.

Recommendations For Magento 2.1, update to version 2.1.18 or later. For Magento 2.2, update to version 2.2.9 or later. For Magento 2.3, update to version 2.3.2 or later.