exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-50342

12 месяцев назад

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1

EPSS: Низкий

CVE-2024-50342

12 месяцев назад

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1

EPSS: Низкий

CVE-2024-50342

12 месяцев назад

symfony/http-client is a module for the Symphony PHP framework which p ...

CVSS3: 3.1

EPSS: Низкий

GHSA-9c3x-r3wp-mgxm

12 месяцев назад

Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient

CVSS3: 3.1

EPSS: Низкий

BDU:2025-07863

около 1 года назад

Уязвимость компонента http-client программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 3.1

EPSS: Низкий

ROS-20250630-03

4 месяца назад

Множественные уязвимости php-symfony4

CVSS3: 7.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.	CVSS3: 3.1	0% Низкий	12 месяцев назад
CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.	CVSS3: 3.1	0% Низкий	12 месяцев назад
CVE-2024-50342 symfony/http-client is a module for the Symphony PHP framework which p ...	CVSS3: 3.1	0% Низкий	12 месяцев назад
GHSA-9c3x-r3wp-mgxm Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient	CVSS3: 3.1	0% Низкий	12 месяцев назад
BDU:2025-07863 Уязвимость компонента http-client программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным	CVSS3: 3.1	0% Низкий	около 1 года назад
ROS-20250630-03 Множественные уязвимости php-symfony4	CVSS3: 7.3		4 месяца назад

Уязвимостей на страницу