EUVD-2022-4922
Malicious code in bioql PyPI...
Symfony2 improper IP based access control
Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp method when the trust proxy mode is enabled (Request::trustProxyData). An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp...
GHSA-HX53-JCHX-CR52 Symfony2 improper IP based access control
Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp method when the trust proxy mode is enabled (Request::trustProxyData). An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp...
GHSA-MMCV-FVQ8-R9X3 Symfony XML decoding attack vector through external entities
The XMLEncoder component of Symfony 2.0.x fails to disable external entities when parsing XML. In the Symfony2 framework the XML class may be used to deserialize objects or as part of a client/server API. By using external entities it is possible to include arbitrary files from the file system...
Symfony2 security issue when the trust proxy mode is enabled
An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies method...
CVE-2013-4751
php-symfony2-Validator has loss of information during serialization...
Session fixation
php-symfony2-Validator has loss of information during serialization...
CVE-2013-4751
php-symfony2-Validator has loss of information during serialization...
CVE-2013-4751
The CVE-2013-4751 entry concerns Symfony2 Validator, where a caching path (e.g., APCache or other CacheInterface implementations) leads to loss of serialization data in the Mapping Cache. The consequence described in connected documents is that when the validator’s configuration is loaded from th...
[SECURITY] Fedora 21 Update: php-guzzle-Guzzle-3.9.3-5.fc21
Guzzle takes the pain out of sending HTTP requests and the redundancy out of creating web service clients. Guzzle is a framework that includes the tools needed to create a robust web service client, including: Service descriptions for defining the inputs and outputs of an API, resource iterators...
[SECURITY] Fedora 22 Update: php-guzzle-Guzzle-3.9.3-5.fc22
Guzzle takes the pain out of sending HTTP requests and the redundancy out of creating web service clients. Guzzle is a framework that includes the tools needed to create a robust web service client, including: Service descriptions for defining the inputs and outputs of an API, resource iterators...
Symfony2 - Local File Disclosure
No description provided by source. Sense of Security - Security Advisory - SOS-12-002. Release Date: 05-Mar-2012. Last Update: -. Vendor Notification Date: 24-Feb-2012. Product: Symfony2. Platform: PHP. Affected versions: 2.0.x - 2.0.10. Severity Rating: Medium. Impact: Exposure of sensitive information...
Fedora Update for php-symfony2-Validator FEDORA-2013-22422
Check for the Version of php-symfony2-Validator OpenVAS Vulnerability Test Fedora Update for php-symfony2-Validator FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...
Fedora Update for php-symfony2-Console FEDORA-2013-22422
Check for the Version of php-symfony2-Console OpenVAS Vulnerability Test Fedora Update for php-symfony2-Console FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for php-symfony2-Security FEDORA-2013-22422
Check for the Version of php-symfony2-Security OpenVAS Vulnerability Test Fedora Update for php-symfony2-Security FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for php-symfony2-BrowserKit FEDORA-2013-22422
Check for the Version of php-symfony2-BrowserKit OpenVAS Vulnerability Test Fedora Update for php-symfony2-BrowserKit FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute...
Fedora Update for php-symfony2-DomCrawler FEDORA-2013-22422
Check for the Version of php-symfony2-DomCrawler OpenVAS Vulnerability Test Fedora Update for php-symfony2-DomCrawler FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute...
Fedora Update for php-symfony2-Yaml FEDORA-2013-22422
Check for the Version of php-symfony2-Yaml OpenVAS Vulnerability Test Fedora Update for php-symfony2-Yaml FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for php-symfony2-Serializer FEDORA-2013-22422
Check for the Version of php-symfony2-Serializer OpenVAS Vulnerability Test Fedora Update for php-symfony2-Serializer FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute...
Fedora Update for php-symfony2-CssSelector FEDORA-2013-22422
Check for the Version of php-symfony2-CssSelector OpenVAS Vulnerability Test Fedora Update for php-symfony2-CssSelector FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...