3 matches found
Symfony 授权问题漏洞
Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony, Inc. A security vulnerability exists in Symfony that stems from the fact that a custom userchecker on the firewall is not invoked when logging in programmatically using the Security::log...
PT-2024-34151 · Symfony +2 · Symfony/Securitybundle +2
Name of the Vulnerable Software and Affected Versions: symfony/security-bundle versions prior to 6.4.10 symfony/security-bundle versions prior to 7.0.10 symfony/security-bundle versions prior to 7.1.3 Description: The custom user checker defined on a firewall is not called when logging in...
CVE-2024-50341: Security::login does not take into account custom user_checker
More info at https://symfony.com/cve-2024-50341...