Lucene search
+L

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 1:14 a.m.27 views

Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

5.9CVSS6.7AI score0.01607EPSS
Exploits0References10Affected Software2
OSV
OSV
added 2018/12/18 10:29 p.m.24 views

CVE-2018-19790

An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the failurepath input field of login forms, an attacker can work around the redirection target restrictio...

6.1CVSS6.5AI score0.01485EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2018/06/13 4:29 p.m.28 views

CVE-2018-11385

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web...

8.1CVSS7.2AI score0.02014EPSS
Exploits0References5
Prion
Prion
added 2018/06/13 4:29 p.m.24 views

Cross site request forgery (csrf)

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...

6.8CVSS8.5AI score0.00761EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/06/13 4:29 p.m.23 views

CVE-2018-11386

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

5.9CVSS5.9AI score0.01607EPSS
Exploits0References5
Rows per page
Query Builder