7 matches found
Symfony 4.4.x < 4.4.4, 5.0.x < 5.0.4 Information Disclosure Vulnerability
Symfony is prone to an information disclosure vulnerability. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwa...
CVE-2020-5274
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the...
CVE-2020-5274
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the...
CVE-2020-5274 Exceptions displayed in non-debug configurations in Symfony
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the...
CVE-2020-5274
The CVE-2020-5274 issue affects Symfony versions prior to 5.0.5 and 4.4.5, where the ErrorHandler did not escape all properties of exceptions in stack traces and could reveal stack traces in non-debug configurations. The vulnerability is mitigated by patching in Symfony’s http-foundation componen...
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
More info at https://symfony.com/cve-2020-5274...
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
More info at https://symfony.com/cve-2020-5274...