Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-8124HistoryDec 07, 2015 - 8:59 p.m.
CVE-2015-8124
2015-12-0720:59:14
Debian Security Bug Tracker
security-tracker.debian.org
12
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
87.2%
Session fixation vulnerability in the “Remember Me” login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | symfony | < 2.7.7+dfsg-1 | symfony_2.7.7+dfsg-1_all.deb |
| Debian | 11 | all | symfony | < 2.7.7+dfsg-1 | symfony_2.7.7+dfsg-1_all.deb |
| Debian | 10 | all | symfony | < 2.7.7+dfsg-1 | symfony_2.7.7+dfsg-1_all.deb |
| Debian | 999 | all | symfony | < 2.7.7+dfsg-1 | symfony_2.7.7+dfsg-1_all.deb |
| Debian | 13 | all | symfony | < 2.7.7+dfsg-1 | symfony_2.7.7+dfsg-1_all.deb |
Related
osv
osv
Symfony Session Fixation Vulnerability
2022-05-14 02:47:28
symfony - security update
2015-11-24 00:00:00
friendsofphp
friendsofphp
CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature
2015-11-23 11:45:06
CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature
2015-11-23 11:45:06
CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature
2015-11-23 11:45:06
ubuntucve
ubuntucve
CVE-2015-8124
2015-12-07 00:00:00
veracode
veracode
Session Fixation
2017-07-27 06:42:22
cve
cve
CVE-2015-8124
2015-12-07 20:59:14
prion
prion
Session fixation
2015-12-07 20:59:00
nvd
nvd
CVE-2015-8124
2015-12-07 20:59:14
symfony
symfony
CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature
2015-11-23 00:00:00
github
github
Symfony Session Fixation Vulnerability
2022-05-14 02:47:28
cvelist
cvelist
CVE-2015-8124
2015-12-07 20:00:00
debian
debian
[SECURITY] [DSA 3402-1] symfony security update
2015-11-24 18:22:12
[SECURITY] [DSA 3402-1] symfony security update
2015-11-24 18:22:12
fedora
fedora
[SECURITY] Fedora 23 Update: php-twig-1.23.1-2.fc23
2015-12-06 01:27:18
[SECURITY] Fedora 23 Update: php-symfony-2.7.7-2.fc23
2015-12-06 01:27:18
[SECURITY] Fedora 22 Update: php-twig-1.23.1-2.fc22
2015-12-06 03:21:30
nessus
nessus
Debian DSA-3402-1 : symfony - security update
2015-11-25 00:00:00
openvas
openvas
Fedora Update for php-symfony FEDORA-2015-0
2015-12-06 00:00:00
Debian Security Advisory DSA 3402-1 (symfony - security update)
2015-11-24 00:00:00
Debian: Security Advisory (DSA-3402-1)
2015-11-23 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
87.2%
Related for DEBIANCVE:CVE-2015-8124