4 matches found
CVE-2014-4931
Summary: The connected documents describe a code injection vulnerability in Symfony’s translation caching within FrameworkBundle. The issue arises when locales from URLs are not sanitized before being dumped into a PHP cache file, enabling an attacker to inject PHP code via a crafted locale value...
Fedora Update for php-symfony FEDORA-2015-9025
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : php-symfony-2.5.4-1.fc21 (2014-10239)
2.5.4 2014-09-03 - security 11832 CVE-2014-6072 fabpot - security 11831 CVE-2014-5245 stof - security 11830 CVE-2014-4931 aitboudad, Jeremy Derusse - security 11829 CVE-2014-6061 damz, fabpot - security 11828 CVE-2014-5244 nicolas-grekas, larowlan - bug 10197 FrameworkBundle PhpExtractor bugfix a...
Security releases (CVE-2014-4931): Symfony 2.3.18, 2.4.8, and 2.5.2 released
Symfony 2.3.18, 2.4.8, and 2.5.2 have just been released; they contain a security fix for the Translator class provided by FrameworkBundle CVE-2014-4931. Note The Symfony versions released today also contain a server-side mitigation for a JSONP vulnerability as described in CVE-2014-4671. You can...