Lucene search
K

9 matches found

OSV
OSV
added 2024/11/29 9:31 p.m.13 views

GHSA-7Q22-X757-CMGC Withdrawn Advisory: Symfony http-security has authentication bypass

Withdrawn Advisory This advisory has been withdrawn because the report is not part of a valid vulnerability. This link is maintained to preserve external references. For more information, see advisory-database/pull/5046. Original Description In Symfony, a security vulnerability was identified in...

8.8CVSS7.6AI score0.00761EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/11/29 9:31 p.m.33 views

Withdrawn Advisory: Symfony http-security has authentication bypass

Withdrawn Advisory This advisory has been withdrawn because the report is not part of a valid vulnerability. This link is maintained to preserve external references. For more information, see advisory-database/pull/5046. Original Description In Symfony, a security vulnerability was identified in...

7.5CVSS7.6AI score0.00761EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2024/11/29 7:15 p.m.14 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS0.00761EPSS
Exploits0References5
OSV
OSV
added 2024/11/29 7:15 p.m.5 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS7.6AI score
Exploits0References5
OSV
OSV
added 2024/11/29 7:15 p.m.2 views

UBUNTU-CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References7
CVE
CVE
added 2024/11/29 12:0 a.m.66 views

CVE-2024-36611

CVE-2024-36611 concerns Symfony v7.07 FormLoginAuthenticator with empty username/password handling. The connected documents reiterate the affected component and potential issues (authentication handling/DoS), but the supplier notes this is a false report. No additional technical details or confir...

7.5CVSS7.6AI score0.00761EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.18 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

0.00761EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.9 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.6AI score0.00761EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/07 12:0 a.m.5 views

PT-2024-9246 · Symfony +1 · Symfony +1

Name of the Vulnerable Software and Affected Versions: Symfony version 7.07 Description: A security issue was identified in the FormLoginAuthenticator component of Symfony, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could...

7.8CVSS6.8AI score0.00761EPSS
Exploits0References23
Rows per page
Query Builder