Количество 6
Количество 6
CVE-2024-50342
symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-50342
symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-50342
symfony/http-client is a module for the Symphony PHP framework which p ...
GHSA-9c3x-r3wp-mgxm
Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient
BDU:2025-07863
Уязвимость компонента http-client программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным
ROS-20250630-03
Множественные уязвимости php-symfony4
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
 | CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
| CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which p ... | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
| GHSA-9c3x-r3wp-mgxm Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
 | BDU:2025-07863 Уязвимость компонента http-client программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
 | ROS-20250630-03 Множественные уязвимости php-symfony4 | CVSS3: 7.3 | около 1 месяца назад |
Уязвимостей на страницу