11 matches found
Astra Linux - уязвимость в symfony
symfony/validator is a module for the Symphony PHP framework that provides tools for validating values. It’s possible to trick a Validator configured with a regular expression using the $ metacharacter, especially when the input ends with \n. Starting from versions 5.4.43, 6.4.11, and 7.1.4,...
EUVD-2024-3249
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-50343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a...
DEBIAN-CVE-2024-50343
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...
UBUNTU-CVE-2024-50343
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...
CVE-2024-50343 Incorrect response from Validator when input ends with `\n` in symfony/validator
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...
CVE-2024-50343 Incorrect response from Validator when input ends with `\n` in symfony/validator
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...
CVE-2024-50343
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...
CVE-2024-50343
CVE-2024-50343 affects the Symfony PHP framework’s validator component (symfony/validator). An input ending with a newline could bypass validation when using regular expressions configured with the $ metacharacter; Symfony versions 5.4.43, 6.4.11, and 7.1.4 now apply the D modifier to ensure the ...
Misinterpretation of Input
Overview Affected versions of this package are vulnerable to Misinterpretation of Input containing a \n. Several validations expect line ending characters to be matched by $, but a malicious user can bypass those validations to cause invalid input to be treated as valid. Remediation Upgrade...
XML Entity Expansion (XEE)
symfony/validator is vulnerable to XML Entity Expansion. The vulnerability is caused by improper XML parsing configuration, which could result in XML Entity Expansion XEE attacks that can lead to excessive memory use and potential Denial of Service DoS...