10 matches found
EUVD-2019-0777
Malware in sbrugna...
DEBIAN-CVE-2021-21424
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...
Code injection
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...
CVE-2021-21424
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...
CVE-2021-21424
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...
CVE-2021-21424 Prevent user enumeration using Guard or the new Authenticator-based Security
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...
PT-2021-3445 · Symfony +3 · Symfony +3
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 3.4 Description: The issue is related to information disclosure, allowing a remote attacker to gain unauthorized access to protected information. The vulnerability is caused by the ability to enumerate users without...
DEBIAN-CVE-2019-18886
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security...
CVE-2019-18886
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security...
CVE-2019-18886
CVE-2019-18886 affects Symfony 4.2.0–4.2.11 and 4.3.0–4.3.7. The root cause is in the switch_user handling in symfony/security, where differences in whether a user existed during unauthorized switch attempts allowed user enumeration. The vulnerability enables an information disclosure vector via ...