3 matches found
Symfony's `Security::login` does not take into account custom `user_checker`
Description The custom userchecker defined on a firewall is not called when Login Programmaticaly with the Security::login method, leading to unwanted login. Resolution The Security::login method now ensure to call the configured userchecker. The patch for this issue is available here for branch...
GHSA-JXGR-3V7Q-3W9V Symfony's `Security::login` does not take into account custom `user_checker`
Description The custom userchecker defined on a firewall is not called when Login Programmaticaly with the Security::login method, leading to unwanted login. Resolution The Security::login method now ensure to call the configured userchecker. The patch for this issue is available here for branch...
CVE-2017-16654: Intl bundle readers breaking out of paths
Affected versions Symfony 2.7.0 to 2.7.37, 2.8.0 to 2.8.30, 3.2.0 to 3.2.13, and 3.3.0 to 3.3.12 versions of the Symfony Intl component are affected by this security issue. The issue has been fixed in Symfony 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. Note that no fixes are provide...