11 matches found
Fedora Update for php-symfony FEDORA-2015-5504
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Symfony 2.x vulnerable to PHP code execution via HTTP cache HttpCache Eval injection. Affected: HttpKernel HttpCache class when ESI is enabled. Root cause: language="php" attribute in SCRIPT elements not escaped before eval(). Affected versions: Symfony 2.0.x–2.6.x with fixes in 2.3.27, 2.5.11, a...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
Fedora Update for php-symfony FEDORA-2015-9025
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for php-symfony FEDORA-2015-9039
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : php-symfony-2.5.11-1.fc22 (2015-5504)
2.5.11 2015-04-01 - security 14167 CVE-2015-2308 nicolas-grekas - security 14166 CVE-2015-2309 neclimdul Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much ...
Fedora 21 : php-symfony-2.5.11-1.fc21 (2015-5457)
2.5.11 2015-04-01 - security 14167 CVE-2015-2308 nicolas-grekas - security 14166 CVE-2015-2309 neclimdul Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much ...
Fedora 20 : php-symfony-2.5.11-1.fc20 (2015-5464)
2.5.11 2015-04-01 - security 14167 CVE-2015-2308 nicolas-grekas - security 14166 CVE-2015-2309 neclimdul Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much ...
Esi Code Injection
More info at https://symfony.com/cve-2015-2308...