Lucene search
K

15 matches found

Circl
Circl
added 2019/05/16 10:51 p.m.6 views

CVE-2019-10909

creationtimestamp| type| source ---|---|--- 2019-05-16 22:51:24+00:00| seen| https://t.me/cvemitreorg/25 2025-05-08 05:00:07+00:00| published-proof-of-concept| Telegram/ee4Sk2iX4NQCrC-p271ZgtDUcNEyDO7VCRtDqN26FeKrwI4...

5.4CVSS7AI score0.01048EPSS
Exploits0References1
OSV
OSV
added 2019/05/16 10:29 p.m.4 views

DEBIAN-CVE-2019-10909

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle...

5.4CVSS6.3AI score0.01048EPSS
Exploits0References1
CVE
CVE
added 2019/05/16 9:36 p.m.187 views

CVE-2019-10909

The CVE affects Symfony framework-bundle: 2.x up to 2.7.51, 2.8.x up to 2.8.50, 3.x up to 3.4.26, 4.x up to 4.1.12, and 4.2.x up to 4.2.7. Root cause: validation messages are not escaped in the PHP templating engine, enabling XSS when user input is included. Impact: cross-site scripting in applic...

5.4CVSS6.9AI score0.01048EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.48 views

Fedora 30 : drupal8 (2019-eba8e44ee6)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.46 views

Fedora 29 : drupal8 (2019-7eaf0bbe7c)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.34 views

Fedora 28 : drupal8 (2019-1a3edd7e8a)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/07 12:0 a.m.43 views

Debian DLA-1778-1 : symfony security update

Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are affected: Framework Bundle, Dependency Injection, Security, HttpFoundation CVE-2019-10909 Validation messages were not escaped when using the form theme of the PHP...

9.8CVSS8AI score0.0595EPSS
Exploits1References10
Debian
Debian
added 2019/05/06 7:15 p.m.127 views

[SECURITY] [DLA 1778-1] symfony security update

Package : symfony Version : 2.3.21+dfsg-4+deb8u5 CVE ID : CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-10913 Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are affected: Framework Bundle, Dependency Injection...

9.8CVSS9.3AI score0.0595EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.41 views

Fedora 30 : php-symfony4 (2019-f5d6a7ce74)

Version 4.2.7 2019-04-17 - bug 31107 Routing fix trailing slash redirection with non-greedy trailing vars nicolas-grekas - bug 31108 FrameworkBundle decorate the ValidatorBuilder's translator with LegacyTranslatorProxy nicolas-grekas - bug 31121 HttpKernel Fix get session when the request stack i...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.36 views

Fedora 30 : php-symfony3 (2019-8635280de5)

Version 3.4.26 2019-04-17 - bug 31084 HttpFoundation Make MimeTypeExtensionGuesser case insensitive vermeirentony - bug 31142 Revert 'bug 30423 Security Rework firewall's access denied rule dimabory' chalasr - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/04/29 12:0 a.m.31 views

Fedora 29 : php-symfony (2019-f8db687840)

Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/04/24 12:0 a.m.56 views

Drupal 8.x Multiple Vulnerabilities (SA-CORE-2019-005) - Linux

Drupal is prone to multiple vulnerabilities in third-party dependencies. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS8AI score0.0595EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/04/17 12:0 a.m.40 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-10909: Escape validation messages in the PHP templating engine. CVE-2019-10910: Check service IDs are valid. CVE-2019-10911: Add a separator in the remember me cookie hash. jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue...

9.8CVSS1.2AI score0.0595EPSS
Exploits1References2
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.27 views

CVE-2019-10909: Escape validation messages in the PHP templating engine

More info at https://symfony.com/cve-2019-10909...

5.4CVSS7.2AI score0.01048EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.31 views

CVE-2019-10909: Escape validation messages in the PHP templating engine

More info at https://symfony.com/cve-2019-10909...

5.4CVSS7.2AI score0.01048EPSS
Exploits0Affected Software1
Rows per page
Query Builder