12 matches found
Symfony Profiler - Remote Access via Injected Arguments
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
Debian dsa-6317 : php-symfony - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6317 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 [email protected] https://www.debian.org/securit...
Linux Distros Unpatched Vulnerability : CVE-2024-50340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive ...
CVE-2024-50340
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
Symfony Environment Change Vulnerability (GHSA-x8vp-gf4q-mw5j)
Symfony is prone to a vulnerability where it is possible to change the environment in a query. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2024-50340
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
CVE-2024-50340
creationtimestamp| type| source ---|---|--- 2024-11-06 21:10:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113438061792761841 2024-11-06 23:21:34+00:00| seen| https://t.me/cvedetector/10045 2024-11-12 04:59:20+00:00| published-proof-of-concept| https://t.me/proxybar/2372 2026-05-20...
CVE-2024-50340 Ability to change environment from query in symfony/runtime
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
CVE-2024-50340
CVE-2024-50340 affects Symfony’s runtime component. When the PHP directive register_argv_argc is on, an attacker can exploit a crafted query string to influence the environment or debug mode used by the Symfony kernel during a request. Affected versions are Symfony 5.4.46, 6.4.14, and 7.1.7; the ...
CVE-2024-50340
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
CVE-2024-50340: Ability to change environment from query
More info at https://symfony.com/cve-2024-50340...
CVE-2024-50340: Ability to change environment from query
More info at https://symfony.com/cve-2024-50340...