2 matches found
CVE-2026-45063
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...
Symfony and Multiple Symfony Components < 5.4.52 / 6.x < 6.4.40 / 7.x < 7.4.12 / 8.x < 8.0.12 Multiple Vulnerabilities
The version of Symfony and/or its Symfony Monolog Bridge / MIME / Mailer / Routing / Security HTTP Components installed on the remote host is/are prior to 6.1.x prior to 6.4.40, 7.0.x prior to 7.4.12, 8.0.x prior to 8.0.12, and, therefore, affected by multiple vulnerabilities: - An authentication...