Symfony — фреймворк c открытым исходным кодом, написанный на PHP.
Релизный цикл, информация об уязвимостях
График релизов
Количество 244
GHSA-cr49-fx2v-9p57
Symfony Denial of Service Via Long Password Hashing
GHSA-whgv-8cg3-7hcm
Symphony Denial of Service Via Overlong Usernames
GHSA-jjx5-fq5g-8xpc
Symfony Cryptographic Vulnerability
GHSA-5c58-w9xc-qcj9
Symfony Vulnerable to PHP Eval Injection
GHSA-g97c-jfx6-xvxh
Symfony Vulnerable to Timing Attack
GHSA-qmqw-mpqp-mr54
Symfony Incorrect Access Control
GHSA-9j54-wmcm-g7mf
Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."
GHSA-hf4c-m2jg-33qx
lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request.
GHSA-2r5h-6r7v-5m7c
Symphony Vulnerable to PHP Code Injection via YAML Parsing
GHSA-7w53-hfpw-rg3g
Symfony Arbitrary PHP code Execution
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-cr49-fx2v-9p57 Symfony Denial of Service Via Long Password Hashing | 0% Низкий | около 3 лет назад | |
| GHSA-whgv-8cg3-7hcm Symphony Denial of Service Via Overlong Usernames | CVSS3: 7.5 | 1% Низкий | около 3 лет назад |
| GHSA-jjx5-fq5g-8xpc Symfony Cryptographic Vulnerability | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| GHSA-5c58-w9xc-qcj9 Symfony Vulnerable to PHP Eval Injection | 1% Низкий | около 3 лет назад | |
| GHSA-g97c-jfx6-xvxh Symfony Vulnerable to Timing Attack | 1% Низкий | около 3 лет назад | |
| GHSA-qmqw-mpqp-mr54 Symfony Incorrect Access Control | 76% Высокий | около 3 лет назад | |
| GHSA-9j54-wmcm-g7mf Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes." | 1% Низкий | около 3 лет назад | |
| GHSA-hf4c-m2jg-33qx lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request. | 0% Низкий | около 3 лет назад | |
| GHSA-2r5h-6r7v-5m7c Symphony Vulnerable to PHP Code Injection via YAML Parsing | 1% Низкий | около 3 лет назад | |
| GHSA-7w53-hfpw-rg3g Symfony Arbitrary PHP code Execution | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу