Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2021/11/24 9:1 p.m.29 views

GHSA-2XHG-W2G5-W95X CSV Injection in symfony/serializer

Description ----------- CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program opens a CSV, any cell starting with = is interpreted by the software as a formula and could be abused by an attacker. In Symfony 4.1, we'...

6.5CVSS6.1AI score0.00871EPSS
Exploits0References13
Github Security Blog
Github Security Blogadded 2021/11/24 9:1 p.m.41 views

CSV Injection in symfony/serializer

Description ----------- CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program opens a CSV, any cell starting with = is interpreted by the software as a formula and could be abused by an attacker. In Symfony 4.1, we'...

6.5CVSS1.4AI score0.00871EPSS
Exploits0References13Affected Software2
NVD
NVDadded 2021/11/24 7:15 p.m.20 views

CVE-2021-41270

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula...

6.5CVSS0.00871EPSS
Exploits0References6
Rows per page
Query Builder