Логотип exploitDog
bind:CVE-2024-50345
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2024-50345

Количество 6

Количество 6

ubuntu логотип

CVE-2024-50345

9 месяцев назад

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1
EPSS: Низкий
nvd логотип

CVE-2024-50345

9 месяцев назад

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1
EPSS: Низкий
debian логотип

CVE-2024-50345

9 месяцев назад

symfony/http-foundation is a module for the Symphony PHP framework whi ...

CVSS3: 3.1
EPSS: Низкий
github логотип

GHSA-mrqx-rp3w-jpjp

9 месяцев назад

Symfony vulnerable to open redirect via browser-sanitized URLs

CVSS3: 3.1
EPSS: Низкий
fstec логотип

BDU:2025-07865

9 месяцев назад

Уязвимость компонента http-foundation программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 3.1
EPSS: Низкий
redos логотип

ROS-20250630-03

около 1 месяца назад

Множественные уязвимости php-symfony4

CVSS3: 7.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2024-50345

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1
0%
Низкий
9 месяцев назад
nvd логотип
CVE-2024-50345

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 3.1
0%
Низкий
9 месяцев назад
debian логотип
CVE-2024-50345

symfony/http-foundation is a module for the Symphony PHP framework whi ...

CVSS3: 3.1
0%
Низкий
9 месяцев назад
github логотип
GHSA-mrqx-rp3w-jpjp

Symfony vulnerable to open redirect via browser-sanitized URLs

CVSS3: 3.1
0%
Низкий
9 месяцев назад
fstec логотип
BDU:2025-07865

Уязвимость компонента http-foundation программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 3.1
0%
Низкий
9 месяцев назад
redos логотип
ROS-20250630-03

Множественные уязвимости php-symfony4

CVSS3: 7.3
около 1 месяца назад

Уязвимостей на страницу