Lucene search
K

14 matches found

OSV
OSV
added 2019/05/16 10:29 p.m.1 views

DEBIAN-CVE-2019-10911

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/securit...

7.5CVSS6.9AI score0.01243EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.34 views

Fedora 28 : drupal8 (2019-1a3edd7e8a)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.48 views

Fedora 30 : drupal8 (2019-eba8e44ee6)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.46 views

Fedora 29 : drupal8 (2019-7eaf0bbe7c)

https://www.drupal.org/project/drupal/releases/8.6.15 - https://www.drupal.org/SA-CORE-2019-005 CVE-2019-10909 / CVE-2019-10910 / CVE-2019-10911 - https://www.drupal.org/SA-CORE-2019-006 CVE-2019-11358 - https://www.drupal.org/project/drupal/releases/8.6.14 Note that Tenable Network Security has...

9.8CVSS6.9AI score0.87218EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2019/05/07 12:0 a.m.43 views

Debian DLA-1778-1 : symfony security update

Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are affected: Framework Bundle, Dependency Injection, Security, HttpFoundation CVE-2019-10909 Validation messages were not escaped when using the form theme of the PHP...

9.8CVSS8AI score0.0595EPSS
Exploits1References10
Debian
Debian
added 2019/05/06 7:15 p.m.128 views

[SECURITY] [DLA 1778-1] symfony security update

Package : symfony Version : 2.3.21+dfsg-4+deb8u5 CVE ID : CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-10913 Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are affected: Framework Bundle, Dependency Injection...

9.8CVSS9.3AI score0.0595EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.36 views

Fedora 30 : php-symfony3 (2019-8635280de5)

Version 3.4.26 2019-04-17 - bug 31084 HttpFoundation Make MimeTypeExtensionGuesser case insensitive vermeirentony - bug 31142 Revert 'bug 30423 Security Rework firewall's access denied rule dimabory' chalasr - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.41 views

Fedora 30 : php-symfony4 (2019-f5d6a7ce74)

Version 4.2.7 2019-04-17 - bug 31107 Routing fix trailing slash redirection with non-greedy trailing vars nicolas-grekas - bug 31108 FrameworkBundle decorate the ValidatorBuilder's translator with LegacyTranslatorProxy nicolas-grekas - bug 31121 HttpKernel Fix get session when the request stack i...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/04/29 12:0 a.m.31 views

Fedora 29 : php-symfony (2019-f8db687840)

Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...

9.8CVSS7.7AI score0.0595EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/04/24 12:0 a.m.56 views

Drupal 8.x Multiple Vulnerabilities (SA-CORE-2019-005) - Linux

Drupal is prone to multiple vulnerabilities in third-party dependencies. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS8AI score0.0595EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/04/17 12:0 a.m.40 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-10909: Escape validation messages in the PHP templating engine. CVE-2019-10910: Check service IDs are valid. CVE-2019-10911: Add a separator in the remember me cookie hash. jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue...

9.8CVSS1.2AI score0.0595EPSS
Exploits1References2
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.21 views

CVE-2019-10911: Add a separator in the remember me cookie hash

More info at https://symfony.com/cve-2019-10911...

7.5CVSS7.2AI score0.01243EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.24 views

CVE-2019-10911: Add a separator in the remember me cookie hash

More info at https://symfony.com/cve-2019-10911...

7.5CVSS7.2AI score0.01243EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.28 views

CVE-2019-10911: Add a separator in the remember me cookie hash

More info at https://symfony.com/cve-2019-10911...

7.5CVSS7.2AI score0.01243EPSS
Exploits0Affected Software1
Rows per page
Query Builder