195 matches found

OSV
added 2020/01/08 3:10 a.m., 172 views

GHSA-WQQ8-MQJ9-697F PrestaShop autoupgrade module ZIP archives were vulnerable from CVE-2017-9841

Impact We have identified that some autoupgrade module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported in...

8.9 AI score
Exploits: 0, References: 2

Github Security Blog
added 2020/01/08 3:10 a.m., 234 views

PrestaShop autoupgrade module ZIP archives were vulnerable from CVE-2017-9841

Impact We have identified that some autoupgrade module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported in...

9.8 CVSS, 0.7 AI score, 0.9421 EPSS
Exploits: 17, References: 3, Affected Software: 1

Github Security Blog
added 2020/01/07 5:20 p.m., 216 views

PrestaShop module ps_facetedsearch might be vulnerable from CVE-2017-9841

Impact We have identified that some psfacetedsearch module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported ...

9.8 CVSS, 0.6 AI score, 0.9421 EPSS
Exploits: 17, References: 3, Affected Software: 1

OSV
added 2020/01/07 5:20 p.m., 306 views

GHSA-F884-GM86-CG3Q PrestaShop module ps_facetedsearch might be vulnerable from CVE-2017-9841

Impact We have identified that some psfacetedsearch module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported ...

9 AI score
Exploits: 0, References: 2

Fedora
added 2019/11/22 12:48 a.m., 20 views

[SECURITY] Fedora 31 Update: php-symfony3-3.4.35-2.fc31

Symfony PHP framework version 3. NOTE: Does not require PHPUnit bridge...

9.8 CVSS, 2.7 AI score, 0.05134 EPSS
Exploits: 0

Check Point Advisories
added 2019/11/04 12:0 a.m., 15 views

PHPUnit Command Injection (CVE-2017-9841)

A command injection vulnerability exists in PHPUnit. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands in the affected system...

7.5 CVSS, 7.4 AI score, 0.9421 EPSS
Exploits: 17

Tenable Nessus
added 2019/09/19 12:0 a.m., 78 views

Drupal PHPUnit/Mailchimp Code Execution Vulnerability

The instance of Drupal running on the remote host is affected by a command execution vulnerability. A remote, unauthenticated attacker can exploit this issue, via a specially crafted HTTP request, to execute commands on the remote host. No source data...

9.8 CVSS, 10 AI score, 0.9421 EPSS
Exploits: 17, References: 2

Tenable Nessus
added 2019/09/06 12:0 a.m., 142 views

Drupal PHPUnit/Mailchimp Code Execution Vulnerability

Binary data drupalcve-2017-9841.nbin...

9.8 CVSS, 9.3 AI score, 0.9421 EPSS
Exploits: 17, References: 2

Prion
added 2019/05/16 10:29 p.m., 17 views

Arbitrary file deletion

In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to...

6.5 CVSS, 6.7 AI score, 0.01116 EPSS
Exploits: 0, References: 13, Affected Software: 1

OSV
added 2019/05/16 10:29 p.m., 0 views

DEBIAN-CVE-2019-10912

In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to...

7.1 CVSS, 6.9 AI score, 0.01116 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2019/05/02 12:0 a.m., 32 views

Fedora 30 : php-symfony (2019-0ef4149687)

Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...

9.8 CVSS, 7.7 AI score, 0.11901 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2019/05/02 12:0 a.m., 39 views

Fedora 30 : php-symfony4 (2019-f5d6a7ce74)

Version 4.2.7 2019-04-17 - bug 31107 Routing fix trailing slash redirection with non-greedy trailing vars nicolas-grekas - bug 31108 FrameworkBundle decorate the ValidatorBuilder's translator with LegacyTranslatorProxy nicolas-grekas - bug 31121 HttpKernel Fix get session when the request stack i...

9.8 CVSS, 7.7 AI score, 0.11901 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2019/04/29 12:0 a.m., 30 views

Fedora 29 : php-symfony (2019-f8db687840)

Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...

9.8 CVSS, 7.7 AI score, 0.11901 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2019/04/29 12:0 a.m., 36 views

Fedora 29 : php-symfony3 (2019-a3ca65028c)

Version 3.4.26 2019-04-17 - bug 31084 HttpFoundation Make MimeTypeExtensionGuesser case insensitive vermeirentony - bug 31142 Revert 'bug 30423 Security Rework firewall's access denied rule dimabory' chalasr - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security...

9.8 CVSS, 7.7 AI score, 0.11901 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2019/04/29 12:0 a.m., 32 views

Fedora 28 : php-symfony (2019-3ee6a7adf2)

Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...

9.8 CVSS, 7.7 AI score, 0.11901 EPSS
Exploits: 1, References: 2

Fedora
added 2019/04/27 11:12 p.m., 30 views

[SECURITY] Fedora 29 Update: php-symfony4-4.1.12-1.fc29

Symfony PHP framework version 4. NOTE: Does not require PHPUnit bridge...

9.8 CVSS, 2.7 AI score, 0.11901 EPSS
Exploits: 1

Fedora
added 2019/04/27 11:12 p.m., 26 views

[SECURITY] Fedora 29 Update: php-symfony3-3.4.26-1.fc29

Symfony PHP framework version 3. NOTE: Does not require PHPUnit bridge...

9.8 CVSS, 2.7 AI score, 0.11901 EPSS
Exploits: 1

Fedora
added 2019/04/27 9:36 p.m., 28 views

[SECURITY] Fedora 28 Update: php-symfony3-3.4.26-1.fc28

Symfony PHP framework version 3. NOTE: Does not require PHPUnit bridge...

9.8 CVSS, 2.7 AI score, 0.16652 EPSS
Exploits: 1

Fedora
added 2019/04/27 9:35 p.m., 30 views

[SECURITY] Fedora 30 Update: php-symfony3-3.4.26-1.fc30

Symfony PHP framework version 3. NOTE: Does not require PHPUnit bridge...

9.8 CVSS, 2.7 AI score, 0.11901 EPSS
Exploits: 1

Hacker One
added 2019/04/20 7:49 a.m., 268 views

8x8: Sensitive data disclosure via exposed phpunit file

Several domains with the development phpunit configuration files exposed without proper restrictions...

2.5 AI score
Exploits: 0