cve-2024-34102
Here are 7 public repositories matching this topic...
Fix the JWT authentication vulnerability on certain Magento 2 versions. Deny tokens issued by old encryption key. If you cannot upgrade Magento or cannot apply the official patch, try this one.
-
Updated
Dec 10, 2024 - PHP
Another way(as an extension) to fix CVE-2024-34102(XXE vulnerability) with extra XML Security enhancement. If you cannot upgrade Magento or cannot apply the official patch, this one is an alternative solution.
-
Updated
Jan 19, 2025 - PHP
CosmicSting (CVE-2024-34102) POC / Patch Validator
-
Updated
Jul 13, 2024 - Python
A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.
-
Updated
Jan 15, 2025 - PHP
A utility for Magento 2 encryption key rotation and management. CVE-2024-34102(aka Cosmic Sting) victims can use it as an aftercare.
-
Updated
Dec 4, 2024 - PHP
Improve this page
Add a description, image, and links to the cve-2024-34102 topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cve-2024-34102 topic, visit your repo's landing page and select "manage topics."