{"id":"CVE-2019-20455","details":"Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certificate validations.","aliases":["GHSA-pm77-c4q7-3fwj"],"modified":"2026-04-11T21:02:06.498020Z","published":"2020-02-14T16:15:09.680Z","references":[{"type":"ADVISORY","url":"https://github.com/globalpayments/php-sdk/releases/tag/2.0.0"},{"type":"FIX","url":"https://github.com/globalpayments/php-sdk/compare/1.3.3...2.0.0"},{"type":"FIX","url":"https://winterdragon.ca/global-payments-vulnerability/"},{"type":"EVIDENCE","url":"https://github.com/globalpayments/php-sdk/pull/8"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/globalpayments/php-sdk","events":[{"introduced":"0"},{"fixed":"a73f8039b213ce6888df1f12e93fc3264d920f2e"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2.0.0"}],"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:globalpayments:php_sdk:*:*:*:*:*:*:*:*"}}],"versions":["1.0.0","1.1.0","1.1.1","1.1.2","1.2.0","1.2.1","1.2.2","1.2.3","1.3.0","1.3.1","1.3.2","1.3.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-20455.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}