Lucene search
K

7 matches found

OSV
OSV
added 2026/05/27 9:12 p.m.7 views

GHSA-6439-2F28-8P8Q Symfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

Description Symfony's IsGranted'...', IsSignatureValid, and IsCsrfTokenValid... attributes allow you to define a methods: ... argument to only enforce these checks for the listed HTTP methods and skip them otherwise. E.g. an attribute defining methods: 'GET' would be ignored for a HEAD request. O...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/05/27 9:12 p.m.14 views

Symfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

Description Symfony's IsGranted'...', IsSignatureValid, and IsCsrfTokenValid... attributes allow you to define a methods: ... argument to only enforce these checks for the listed HTTP methods and skip them otherwise. E.g. an attribute defining methods: 'GET' would be ignored for a HEAD request. O...

5.8AI score0.00052EPSS
Exploits0References7Affected Software3
Snyk
Snyk
added 2026/05/20 3:35 p.m.9 views

Incorrect Authorization

Overview symfony/http-kernel is a Symfony component that provides a structured process for converting a Request into a Response. Affected versions of this package are vulnerable to Incorrect Authorization in the router due to the improper enforcement of IsGranted, IsSignatureValid, and...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.14 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

5.8AI score0.00052EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.13 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

5.8AI score0.00052EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.12 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

5.8AI score0.00052EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2018/05/31 12:0 a.m.5 views

Symantec Advanced Secure Gateway and ProxySG Authentication Bypass Vulnerability

Symantec Advanced Secure Gateway ASG and ProxySG are both security gateway appliances from Symantec USA. An authentication bypass vulnerability exists in Symantec ASG and ProxySG. A remote attacker could use this vulnerability to bypass authentication security controls in ASG and ProxySG by...

9.8CVSS7.1AI score0.04798EPSS
Exploits0References1
Rows per page
Query Builder