8 matches found
CVE-2019-18886
creationtimestamp| type| source ---|---|--- 2024-02-26 10:11:56+00:00| seen| https://t.me/ctinow/193212...
CVE-2019-18886
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security...
CVE-2019-18886
CVE-2019-18886 affects Symfony 4.2.0–4.2.11 and 4.3.0–4.3.7. The root cause is in the switch_user handling in symfony/security, where differences in whether a user existed during unauthorized switch attempts allowed user enumeration. The vulnerability enables an information disclosure vector via ...
CVE-2019-18886
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security...
[SECURITY] [DLA 1999-1] symfony security update
Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian ...
CVE-2019-18886: Prevent user enumeration using switch user functionality
Affected versions Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony Security/Http component are affected by this security issue. The issue has been fixed in Symfony 4.2.12 and 4.3.8. Note that no fixes are provided for Symfony 4.1 as they are not maintained anymore. Description T...
CVE-2019-18886: Prevent user enumeration using switch user functionality
More info at https://symfony.com/cve-2019-18886...
CVE-2019-18886: Prevent user enumeration using switch user functionality
More info at https://symfony.com/cve-2019-18886...