Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:54 a.m.6 views

CVE-2013-5750

The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation...

5CVSS6.9AI score0.01232EPSS
Exploits0References1
OSV
OSV
added 2022/05/17 4:19 a.m.10 views

GHSA-CR49-FX2V-9P57 Symfony Denial of Service Via Long Password Hashing

The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a...

5CVSS6.4AI score0.01868EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/17 4:19 a.m.42 views

Symfony Denial of Service Via Long Password Hashing

The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a...

5CVSS6.9AI score0.01868EPSS
Exploits0References9Affected Software3
Prion
Prion
added 2014/12/27 6:59 p.m.19 views

Design/Logic Flaw

The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a...

5CVSS6.8AI score0.01868EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/12/27 6:0 p.m.19 views

CVE-2013-5958

The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a...

6.5AI score0.01868EPSS
Exploits0References1
CVE
CVE
added 2013/09/25 10:0 a.m.63 views

CVE-2013-5750

The CVE concerns the FriendsOfSymfony FOSUserBundle login form (Symfony) prior to 1.3.3. The vulnerability is a denial of service caused by an expensive hash computation triggered by a very long password (PBKDF2), leading to high CPU usage. The connected records confirm the issue and its scope bu...

5CVSS6.6AI score0.01232EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.31 views

CVE-2013-5750

The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service CPU consumption via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation...

6.4AI score0.01232EPSS
Exploits0References1
Friends Of PHP
Friends Of PHP
added 2012/09/23 10:11 a.m.29 views

DOS attack in FOSUserBundle login form

More info at https://symfony.com/cve-2013-5750...

5CVSS7.2AI score0.01232EPSS
Exploits0Affected Software1
Rows per page
Query Builder