Lucene search
GoogleOSV:CVE-2020-5274HistoryMar 30, 2020 - 8:15 p.m.
CVE-2020-5274
2020-03-3020:15:19
Google
osv.dev
5
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5
Related
osv
osv
BIT-symfony-2020-5274
2024-03-06 11:08:37
Exceptions displayed in non-debug configurations in Symfony
2020-03-30 20:09:31
openvas
openvas
Symfony 4.4.x < 4.4.4, 5.0.x < 5.0.4 Information Disclosure Vulnerability
2020-04-01 00:00:00
nvd
nvd
CVE-2020-5274
2020-03-30 20:15:19
friendsofphp
friendsofphp
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
2020-03-30 14:00:00
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
2020-03-30 14:00:00
cve
cve
CVE-2020-5274
2020-03-30 20:15:19
cvelist
cvelist
CVE-2020-5274 Exceptions displayed in non-debug configurations in Symfony
2020-03-30 19:40:14
debiancve
debiancve
CVE-2020-5274
2020-03-30 20:15:19
symfony
symfony
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
2020-03-30 00:00:00
prion
prion
Design/Logic Flaw
2020-03-30 20:15:00
github
github
Exceptions displayed in non-debug configurations in Symfony
2020-03-30 20:09:31
ubuntucve
ubuntucve
CVE-2020-5274
2020-03-30 00:00:00