Lucene search
+L

5 matches found

NVD
NVD
added 4 days ago4 views

CVE-2026-48784

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, UrlGenerator::doGenerate used strtr dot-segment encoding that skipped every other chained ../ or ./ segment, allowing attacker-controlled route parameters...

6.1CVSS0.00267EPSS
Exploits0References5
OSV
OSV
added 4 days ago7 views

UBUNTU-CVE-2026-48784

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, UrlGenerator::doGenerate used strtr dot-segment encoding that skipped every other chained ../ or ./ segment, allowing attacker-controlled route parameters...

6.1CVSS6.1AI score0.00267EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.12 views

Debian dsa-6317 : php-symfony - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6317 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 [email protected] https://www.debian.org/securit...

9.1CVSS6.2AI score0.63422EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2026-48784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13,...

6.1CVSS6.1AI score0.00267EPSS
Exploits0References3
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.8 views

CVE-2026-48784: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization

More info at https://symfony.com/cve-2026-48784...

6.1CVSS5.8AI score0.00267EPSS
Exploits0Affected Software1
Rows per page
Query Builder