15 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-11385
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x befor...
[SECURITY] [DLA 1707-1] symfony security update
Package : symfony Version : 2.3.21+dfsg-4+deb8u4 CVE ID : CVE-2017-16652 CVE-2017-16654 CVE-2018-11385 CVE-2018-11408 CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are...
Debian: Security Advisory (DLA-1707-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : php-symfony3 (2018-ba0b683c10)
Version 3.4.11 2018-05-25 - bug 27364 DI Fix bad exception on uninitialized references to non-shared services nicolas-grekas - bug 27359 HttpFoundation Fix perf issue during MimeTypeGuesser intialization nicolas-grekas - security cve-2018-11408 SecurityBundle Fail if security.httputils cannot be...
Fedora 28 : php-symfony4 (2018-96d770ddc9)
Version 4.0.11 2018-05-25 - bug 27364 DI Fix bad exception on uninitialized references to non-shared services nicolas-grekas - bug 27359 HttpFoundation Fix perf issue during MimeTypeGuesser intialization nicolas-grekas - security cve-2018-11408 SecurityBundle Fail if security.httputils cannot be...
Fedora Update for php-symfony3 FEDORA-2018-6f3ceeb7cb
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : php-symfony3 (2018-c8ddc44bbb)
3.3.17 2018-05-25 - security cve-2018-11407 Ldap cast to string when checking empty passwords - security cve-2018-11408 SecurityBundle Fail if security.httputils cannot be configured - security cve-2018-11406 clear CSRF tokens when the user is logged out - security cve-2018-11385 migrating sessio...
Fedora Update for php-symfony3 FEDORA-2018-c8ddc44bbb
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-11385
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web...
CVE-2018-11385
CVE-2018-11385 affects the Symfony Security component (Guard login) across multiple branches: 2.7.x <= 2.7.47 (fixed in 2.7.48), 2.8.x <= 2.8.40 (fixed in 2.8.41), 3.3.x <= 3.3.16 (fixed in 3.3.17), 3.4.x <= 3.4.10 (fixed in 3.4.11), and 4.0.x
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2018-11385: Session Fixation Issue for Guard Authentication
Affected versions Symfony 2.7.0 to 2.7.47, 2.8.0 to 2.8.40, 3.3.0 to 3.3.16, 3.4.0 to 3.4.10 and 4.0.0 to 4.0.10 versions of the Symfony Security component are affected by this security issue. The issue has been fixed in Symfony 2.7.48, 2.8.41, 3.3.17, 3.4.11, and 4.0.11. Note that no fixes are...