Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2022-24894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It...

8.8CVSS6.8AI score0.00753EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/12 12:0 a.m.40 views

Debian dla-3493 : php-symfony - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3493 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3493-1 [email protected]...

8.8CVSS6.8AI score0.01712EPSS
Exploits0References8
Debian
Debian
added 2023/07/11 11:19 p.m.31 views

[SECURITY] [DLA 3493-1] symfony security update

Debian LTS Advisory DLA-3493-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin July 11, 2023 https://wiki.debian.org/LTS Package : symfony Version : 3.4.22+dfsg-2+deb10u2 CVE ID : CVE-2021-21424 CVE-2022-24894 CVE-2022-24895 Multiple security vulnerabilities were...

8.8CVSS6.6AI score0.01712EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/11 12:0 a.m.46 views

Fedora 37 : php-symfony4 (2023-74b702f058)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-74b702f058 advisory. Version 4.4.50 2023-02-01 security cve-2022-24895 Security/Http Remove CSRF tokens from storage on successful login nicolas-grekas security...

8.8CVSS7.1AI score0.0079EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/02/11 12:0 a.m.19 views

Fedora: Security Advisory for php-symfony4 (FEDORA-2023-aecde14648)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.0079EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/06 12:0 a.m.19 views

Symfony Multiple Vulnerabilities (GHSA-h7vf-5wrv-9fhv, GHSA-3gv2-29qc-v67m)

Symfony is prone to multiple vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.0079EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/03 9:46 p.m.10 views

CVE-2022-24894 Symfony storing cookie headers in HttpCache

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses including headers and returns them to the clients. In a recent change in the AbstractSessionListener, the response...

5.9CVSS6.9AI score0.00753EPSS
Exploits0References3
CVE
CVE
added 2023/02/03 9:46 p.m.177 views

CVE-2022-24894

Mode C: CVE-2022-24894 affects Symfony (PHP framework) where the HTTP cache system can inadvertently store a response containing a Set-Cookie header and serve it to subsequent clients. Root cause: a change in AbstractSessionListener allows the response to include Set-Cookie when HTTP caching is e...

8.8CVSS6.9AI score0.00753EPSS
Exploits0References3Affected Software1
Friends Of PHP
Friends Of PHP
added 2023/02/01 8:0 a.m.27 views

CVE-2022-24894: Prevent storing cookie headers in HttpCache

More info at https://symfony.com/cve-2022-24894...

8.8CVSS7.2AI score0.00753EPSS
Exploits0Affected Software1
Rows per page
Query Builder