Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.6 views

CVE-2021-41270

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula...

6.5CVSS7.1AI score0.01355EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.45 views

Ubuntu 18.04 ESM / 20.04 ESM : Symfony vulnerabilities (USN-5290-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5290-1 advisory. James Isaac and Mathias Brodala discovered that Symfony incorrectly handled switch users functionality. An attacker could possibly use this...

6.5CVSS6.5AI score0.01712EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2022/08/24 11:38 a.m.422 views

USN-5290-1: Symfony vulnerabilities

James Isaac and Mathias Brodala discovered that Symfony incorrectly handled switch users functionality. An attacker could possibly use this issue to enumerate users. CVE-2021-21424 It was discovered that Symfony incorrectly handled certain specially crafted CSV files. An attacker could possibly u...

6.5CVSS6AI score0.01712EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.18 views

Fedora: Security Advisory for php-symfony4 (FEDORA-2021-10fd47b32d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01355EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/11/24 7:15 p.m.4 views

CVE-2021-41270

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula...

6.5CVSS6.6AI score0.01355EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2021/11/24 7:15 p.m.37 views

CVE-2021-41270

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula...

6.5CVSS0.01355EPSS
Exploits0References6
CVE
CVE
added 2021/11/24 7:5 p.m.108 views

CVE-2021-41270

CVE-2021-41270 (Symfony CSV Injection) affects Symfony/Serializer in Symfony PHP framework. The issue arises in the CsvEncoder where cells beginning with =, +, -, or @ could be treated as formulas. Initially, a tab prefix was used to escape these, but OWASP expanded the vulnerable set to include ...

6.5CVSS6.5AI score0.01355EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2021/11/24 7:5 p.m.42 views

CVE-2021-41270

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula...

6.5CVSS6.6AI score0.01355EPSS
Exploits0
Friends Of PHP
Friends Of PHP
added 2021/11/15 10:47 a.m.50 views

CVE-2021-41270: Prevent CSV Injection via formulas

More info at https://symfony.com/cve-2021-41270...

6.5CVSS7.2AI score0.01355EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2021/11/15 10:47 a.m.35 views

CVE-2021-41270: Prevent CSV Injection via formulas

More info at https://symfony.com/cve-2021-41270...

6.5CVSS7.2AI score0.01355EPSS
Exploits0Affected Software1
Rows per page
Query Builder