Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-44142

Name of the Vulnerable Software and Affected Versions Symfony versions prior to 5.4 Description The SymfonyComponentCacheAdapterPdoAdapter contains a flaw in the clear$prefix method inherited from AbstractAdapterTrait. In the non-versioning code path, the $prefix variable is concatenated into a...

6.3CVSS6AI score0.00062EPSS
Exploits0References18
Hacker One
Hacker One
added 2022/08/25 4:7 a.m.66 views

GitLab: Remote Command Execution via Github import

Summary This is very similar to https://about.gitlab.com/releases/2022/08/22/critical-security-release-gitlab-15-3-1-released/Remote%20Command%20Execution%20via%20Github%20import and allows arbitrary redis commands to be injected when imported a GitHub repository. When importing a GitHub repo the...

6.5CVSS0.3AI score0.75718EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2019/12/02 6:7 p.m.183 views

Symfony Unsafe Cache Serialization Could Enable RCE

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.8CVSS9.4AI score0.33247EPSS
Exploits0References10Affected Software2
NVD
NVD
added 2019/11/21 11:15 p.m.17 views

CVE-2019-18889

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.8CVSS9.7AI score0.33247EPSS
Exploits0References4
OSV
OSV
added 2019/11/21 11:15 p.m.23 views

CVE-2019-18889

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.8CVSS7.5AI score0.33247EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/11/21 11:15 p.m.26 views

CVE-2019-18889

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.8CVSS7.4AI score0.33247EPSS
Exploits0References3
Prion
Prion
added 2019/11/21 11:15 p.m.24 views

Code injection

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

7.5CVSS9.6AI score0.33247EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2019/11/21 10:21 p.m.49 views

CVE-2019-18889

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.8CVSS9.7AI score0.33247EPSS
Exploits0
Cvelist
Cvelist
added 2019/11/21 10:21 p.m.37 views

CVE-2019-18889

An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache...

9.7AI score0.33247EPSS
Exploits0References4
CVE
CVE
added 2019/11/21 10:21 p.m.158 views

CVE-2019-18889

CVE-2019-18889 affects Symfony’s cache component across Symfony 3.4.0–3.4.34, 4.2.0–4.2.11, and 4.3.0–4.3.7. The issue is caused by deserializing certain cache adapter interfaces, which could enable remote code injection. Affected adapters include AbstractAdapter and TagAwareAdapter (as noted in ...

9.8CVSS9.5AI score0.33247EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder