
12 matches found

OpenVAS
added 2015/06/09 12:0 a.m., 34 views

Fedora Update for php-symfony FEDORA-2015-9025

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8, AI score 6.4, EPSS 0.08269
Exploits: 0, References: 2
OpenVAS
added 2015/06/09 12:0 a.m., 21 views

Fedora Update for php-symfony FEDORA-2015-9039

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8, AI score 6.4, EPSS 0.08269
Exploits: 0, References: 2
Tenable Nessus
added 2015/06/09 12:0 a.m., 29 views

Fedora 22 : php-symfony-2.5.12-1.fc22 (2015-9034)

2.5.12 2015-05-27 - security 14759 CVE-2015-4050 HttpKernel Do not call the FragmentListener if controller is already defined jakzal Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

CVSS 4.3, AI score 5.4, EPSS 0.08269
Exploits: 0, References: 3
NVD
added 2015/06/02 2:59 p.m., 14 views

CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

CVSS 4.3, AI score 6.5, EPSS 0.08269
Exploits: 0, References: 6
OSV
added 2015/06/02 2:59 p.m., 4 views

CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

CVSS 4.3, AI score 6.5, EPSS 0.08269
Exploits: 0, References: 6
UbuntuCve
added 2015/06/02 2:59 p.m., 20 views

CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

CVSS 4.3, AI score 5.9, EPSS 0.08269
Exploits: 0, References: 2
CVE
added 2015/06/02 2:0 p.m., 195 views

CVE-2015-4050

CVE-2015-4050 affects Symfony’s HttpKernel FragmentListener when ESI/SSI is enabled. Versions affected: 2.3.19–2.3.28, 2.4.9–2.4.10, 2.5.4–2.5.11, 2.6.0–2.6.7. Root cause: FragmentListener does not verify if the "_controller" attribute is set, enabling remote attackers to bypass URL signing and s...

CVSS 4.3, AI score 6.5, EPSS 0.08269
Exploits: 0, References: 6, Affected Software: 1
Debian CVE
added 2015/06/02 2:0 p.m., 21 views

CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

CVSS 4.3, AI score 6.4, EPSS 0.08269
Exploits: 0
Cvelist
added 2015/06/02 2:0 p.m., 28 views

CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...

AI score 6.3, EPSS 0.08269
Exploits: 0, References: 6
Debian
added 2015/05/31 8:52 a.m., 31 views

[SECURITY] [DSA 3276-1] symfony security update

Debian Security Advisory DSA-3276-1 [email protected] http://www.debian.org/security/ David Prevot May 31, 2015 http://www.debian.org/security/faq -...

CVSS 4.3, AI score 5.7, EPSS 0.08269
Exploits: 0
Friends Of PHP
added 2015/05/26 11:55 p.m., 21 views

CVE-2015-4050: ESI unauthorized access

More info at https://symfony.com/cve-2015-4050...

CVSS 4.3, AI score 7.2, EPSS 0.08269
Exploits: 0, Affected Software: 1
Friends Of PHP
added 2015/05/26 11:55 p.m., 26 views

CVE-2015-4050: ESI unauthorized access

More info at https://symfony.com/cve-2015-4050...

CVSS 4.3, AI score 7.2, EPSS 0.08269
Exploits: 0, Affected Software: 1