#

cosmic-sting

Here are 4 public repositories matching this topic...

magento2-jwt-auth-patch

wubinworks / magento2-jwt-auth-patch

Fix the JWT authentication vulnerability on certain Magento 2 versions. Deny tokens issued by old encryption key. If you cannot upgrade Magento or cannot apply the official patch, try this one.

jwt magento2 encryption-key token patch jwt-authentication webapi key-rotation cve-2024-34102 cosmic-sting

Updated Dec 10, 2024
PHP

magento2-cosmic-sting-patch

wubinworks / magento2-cosmic-sting-patch

Another way(as an extension) to fix CVE-2024-34102(XXE vulnerability) with extra XML Security enhancement. If you cannot upgrade Magento or cannot apply the official patch, this one is an alternative solution.

extension xml bug magento2 patch hotfix xxe xml-security security-hole xml-entity cosmicsting cve-2024-34102 cosmic-sting

Updated Jan 19, 2025
PHP

magento2-encryption-key-manager-cli

wubinworks / magento2-encryption-key-manager-cli

A utility for Magento 2 encryption key rotation and management. CVE-2024-34102(aka Cosmic Sting) victims can use it as an aftercare.

cli magento2 encryption-key key-generation deployment-automation key-rotation cve-2024-34102 cosmic-sting

Updated Dec 4, 2024
PHP

wubinworks / magento2-enhanced-xml-security

A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.

security encoding xml php-fpm magento2 enhancement xxe xml-security xml-entity cve-2024-34102 cosmic-sting xml-encoding

Updated Jan 15, 2025
PHP

Improve this page

Add a description, image, and links to the cosmic-sting topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the cosmic-sting topic, visit your repo's landing page and select "manage topics."