Lucene search
+L

4 matches found

OSV
OSV
added 4 days ago8 views

DEBIAN-CVE-2026-48489

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, DefaultAuthenticationFailureHandler honored the request-supplied failurepath parameter when failureforward: true was enabled, allowing an unauthenticated...

7.5CVSS6.1AI score0.00465EPSS
Exploits0References1
OSV
OSV
added 4 days ago4 views

CVE-2026-48489 Symfony: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, DefaultAuthenticationFailureHandler honored the request-supplied failurepath parameter when failureforward: true was enabled, allowing an unauthenticated...

8.7CVSS6.1AI score0.00465EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.12 views

Debian dsa-6317 : php-symfony - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6317 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 [email protected] https://www.debian.org/securit...

9.1CVSS6.2AI score0.63422EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.22 views

Linux Distros Unpatched Vulnerability : CVE-2026-48489

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13,...

8.7CVSS6.1AI score0.00465EPSS
Exploits0References3
Rows per page
Query Builder