2 matches found
CVE-2025-68129
CVSS and description : CVE-2025-68129 relates to improper audience validation in Auth0-PHP, potentially allowing ID tokens to be accepted as access tokens. The issue affects Auth0-PHP versions 8.0.0 through 8.17.0, and applications using dependent SDKs that rely on those Auth0-PHP versions: Symfo...
PT-2020-18349 · Symfony · Symfony
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 4.4.7 Symfony versions prior to 5.0.7 Description: When a Response does not contain a Content-Type header, affected versions of Symfony can fallback to the format defined in the Accept header of the request, leading ...