Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.1 views

Astra Linux - уязвимость в symfony

Symfony/http-foundation is a module for the Symphony PHP framework that defines an object-oriented layer for handling HTTP requests. The Request class does not parse URIs containing special characters in the same way that browsers do. As a result, attackers can trick validators that rely on the...

6.1CVSS5.7AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-50345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The Request class, does no...

6.1CVSS5.8AI score0.00394EPSS
Exploits0References2
Veracode
Veracodeadded 2024/11/20 3:42 a.m.4 views

Improper URI Parsing

symfony/http-foundation is vulnerable to Improper URI Parsing. The vulnerability is due to improper parsing of URIs with special characters by the Request class, which does not align with browser behavior, allowing attackers to exploit validators and redirect users to malicious domains...

6.1CVSS6.5AI score0.00394EPSS
Exploits0References9Affected Software1
OSV
OSVadded 2024/11/06 9:15 p.m.0 views

UBUNTU-CVE-2024-50345

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The Request class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the Request class...

6.1CVSS7AI score0.00394EPSS
Exploits0References5
OSV
OSVadded 2024/11/06 8:56 p.m.11 views

CVE-2024-50345 Open redirect via browser-sanitized URLs in symfony/http-foundation

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The Request class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the Request class...

3.1CVSS4.3AI score0.00394EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2019/05/16 9:15 p.m.32 views

CVE-2019-10913

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to...

9.8CVSS10AI score0.00257EPSS
Exploits0
CVE
CVEadded 2019/05/16 9:15 p.m.546 views

CVE-2019-10913

CVE-2019-10913 affects the Symfony PHP framework's HTTP Foundation. Versions vulnerable include Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7. The issue: HTTP methods provided as verbs or via the X-Http-Method-Override header may be treat...

9.8CVSS9.7AI score0.00257EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder