Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-18887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timin...

8.1CVSS7.2AI score0.01338EPSS
Exploits0References2
Circl
Circl
added 2024/02/26 10:11 a.m.9 views

CVE-2019-18887

creationtimestamp| type| source ---|---|--- 2024-02-26 10:11:57+00:00| seen| https://t.me/ctinow/193213...

8.1CVSS7.8AI score0.01338EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/11/22 12:0 a.m.36 views

Fedora 31 : php-symfony3 (2019-8b0ba02338)

Version 3.4.35 2019-11-13 - bug 34344 Console Constant STDOUT might be undefined nicolas-grekas - security cve-2019-18889 Cache forbid serializing AbstractAdapter and TagAwareAdapter instances nicolas-grekas - security cve-2019-18888 HttpFoundation fix guessing mime-types of files with leading da...

9.8CVSS7.6AI score0.33247EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/11/22 12:0 a.m.28 views

Fedora 30 : php-symfony (2019-9c2ad3b018)

Version 2.8.52 2019-11-13 - security cve-2019-18888 HttpFoundation fix guessing mime-types of files with leading dash nicolas-grekas - security cve-2019-18887 HttpKernel Use constant time comparison in UriSigner stof Note that Tenable Network Security has extracted the preceding description block...

8.1CVSS7.4AI score0.02248EPSS
Exploits0References3
OSV
OSV
added 2019/11/21 11:15 p.m.2 views

DEBIAN-CVE-2019-18887

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel...

8.1CVSS7.8AI score0.01338EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/11/21 11:15 p.m.31 views

CVE-2019-18887

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel...

8.1CVSS7.1AI score0.01338EPSS
Exploits0References3
CVE
CVE
added 2019/11/21 10:18 p.m.150 views

CVE-2019-18887

CVE-2019-18887 affects Symfony components in versions 2.8.0–2.8.50, 3.4.0–3.4.34, 4.2.0–4.2.11, and 4.3.0–4.3.7, due to timing-attack vulnerability in UriSigner (related to symfony/http-kernel). Fedora/Nessus details confirm fixes: 2.8.52, 3.4.35, and 4.3.8 releases provided patches. Exploit stat...

8.1CVSS7.7AI score0.01338EPSS
Exploits0References6Affected Software1
Debian
Debian
added 2019/11/19 1:38 a.m.106 views

[SECURITY] [DLA 1999-1] symfony security update

Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian ...

8.1CVSS7.1AI score0.02248EPSS
Exploits0
Debian
Debian
added 2019/11/18 10:4 p.m.94 views

[SECURITY] [DSA 4573-1] symfony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4573-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq -...

9.8CVSS8.8AI score0.33247EPSS
Exploits0
Symfony
Symfony
added 2019/11/13 12:0 a.m.46 views

CVE-2019-18887: Use constant time comparison in UriSigner

Affected versions Symfony 2.8.0 to 2.8.51, 3.4.0 to 3.4.34, 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony HttpKernel component are affected by this security issue. The issue has been fixed in Symfony 2.8.52, 3.4.35, 4.2.12 and 4.3.8. Note that no fixes are provided for Symfony 3.0,...

8.1CVSS7.8AI score0.01338EPSS
Exploits0
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.24 views

CVE-2019-18887: Use constant time comparison in UriSigner

More info at https://symfony.com/cve-2019-18887...

8.1CVSS7.2AI score0.01338EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.29 views

CVE-2019-18887: Use constant time comparison in UriSigner

More info at https://symfony.com/cve-2019-18887...

8.1CVSS7.2AI score0.01338EPSS
Exploits0Affected Software1
Rows per page
Query Builder