Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 1:14 a.m.27 views

Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

5.9CVSS6.7AI score0.01607EPSS
Exploits0References10Affected Software2
UbuntuCve
UbuntuCve
added 2018/06/13 4:29 p.m.28 views

CVE-2018-11385

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web...

8.1CVSS7.2AI score0.02014EPSS
Exploits0References5
Prion
Prion
added 2018/06/13 4:29 p.m.23 views

Cross site request forgery (csrf)

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...

6.8CVSS8.5AI score0.00761EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/06/13 4:29 p.m.23 views

CVE-2018-11386

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

5.9CVSS5.9AI score0.01607EPSS
Exploits0References5
Rows per page
Query Builder