14 matches found
CVE-2025-30059
In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL injection...
openSUSE: Security Advisory for rmt-server (openSUSE-SU-2019:1824-1)
The remote host is missing an update for the...
Symfony Service IDs Allow Injection
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection...
GHSA-PGWJ-PRPQ-JPC2 Symfony Service IDs Allow Injection
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection...
OPENSUSE-SU-2019:1824-1 Security update for rmt-server
This update for rmt-server to version 2.3.1 fixes the following issues: - Fix mirroring logic when errors are encountered (bsc#1140492) - Refactor RMT::Mirror to download metadata/licenses in parallel - Check repo metadata GPG signatures during mirroring (bsc#1132690) - Add rmt-server-config subpackage...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1973-1)
This update for rmt-server to version 2.3.1 fixes the following issues: Fix mirroring logic when errors are encountered (bsc#1140492); Refactor RMT::Mirror to download metadata/licenses in parallel; Check repo metadata GPG signatures during mirroring (bsc#1132690); Add rmt-server-config subpackage with...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1381-1)
This update for rmt-server to version 2.1.4 fixes the following issues: Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222); Mirror additional repos that were enabled during mirroring (bsc#1132690); Make service IDs consistent across different RMT instances (bsc#1134428); Make SMT data import...
SQL injection
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection...
Fedora 29 : php-symfony4 (2019-32067d8b15)
Version 4.1.12 (2019-04-17) - security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas) - security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof) - security #cve-2019-10912 [Cache][PHPUnit Bridge] Prevent destructors with side-effects fr...
Remote Code Execution (RCE)
symfony/symfony is vulnerable to remote code execution. A lack of validation in the service IDs that are derived from user input could allow a remote attacker to execute arbitrary code on the host...
DRUPAL-CORE-2019-005
This security release fixes third-party dependencies included in or required by Drupal core. CVE-2019-10909: Escape validation messages in the PHP templating engine. From that advisory: Validation messages were not escaped when using the form theme of the PHP templating engine which, when...
CVE-2019-10910: Check service IDs are valid
More info at https://symfony.com/cve-2019-10910...
CVE-2019-10910: Check service IDs are valid
More info at https://symfony.com/cve-2019-10910...
CVE-2019-10910: Check service IDs are valid
More info at https://symfony.com/cve-2019-10910...