Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sensiolabs symfony 2.8.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2019-18887
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-18888
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbi...
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
7.2
CVSSv3
CVE-2018-14774
An issue exists in HttpKernel in Symfony 2.7.0 up to and including 2.7.48, 2.8.0 up to and including 2.8.43, 3.3.0 up to and including 3.3.17, 3.4.0 up to and including 3.4.13, 4.0.0 up to and including 4.0.13, and 4.1.0 up to and including 4.1.2. When using HttpCache, the values...
Sensiolabs Symfony
6.5
CVSSv3
CVE-2018-14773
An issue exists in Http Foundation in Symfony 2.7.0 up to and including 2.7.48, 2.8.0 up to and including 2.8.43, 3.3.0 up to and including 3.3.17, 3.4.0 up to and including 3.4.13, 4.0.0 up to and including 4.0.13, and 4.1.0 up to and including 4.1.2. It arises from support for ...
Sensiolabs Symfony
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Drupal Drupal
1 Github repository
9.8
CVSSv3
CVE-2016-2403
Symfony prior to 2.8.6 and 3.x prior to 3.0.6 allows remote malicious users to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Sensiolabs Symfony 2.8.1
Sensiolabs Symfony 2.8.2
Sensiolabs Symfony 2.8.3
Sensiolabs Symfony 3.0.4
Sensiolabs Symfony 3.0.5
Sensiolabs Symfony 2.8.4
Sensiolabs Symfony 2.8.5
Sensiolabs Symfony 3.0.0
Sensiolabs Symfony 3.0.1
Sensiolabs Symfony 2.8.0
Sensiolabs Symfony 3.0.2
Sensiolabs Symfony 3.0.3
7.5
CVSSv3
CVE-2016-4423
The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony prior to 2.3.41, 2.7.x prior to 2.7.13, 2.8.x prior to 2.8.6, and 3.0.x prior to 3.0.6 does not limit the length of a username stored in a session, whi...
Sensiolabs Symfony 3.0.5
Sensiolabs Symfony 3.0.4
Sensiolabs Symfony 3.0.3
Sensiolabs Symfony 2.7.4
Sensiolabs Symfony 2.7.5
Sensiolabs Symfony 2.7.6
Sensiolabs Symfony 2.7.7
Sensiolabs Symfony 2.8.4
Sensiolabs Symfony 2.8.3
Sensiolabs Symfony 2.8.2
Sensiolabs Symfony 2.8.1
Sensiolabs Symfony 2.7.12
Sensiolabs Symfony
Sensiolabs Symfony 3.0.2
Sensiolabs Symfony 3.0.0
Sensiolabs Symfony 2.7.0
Sensiolabs Symfony 2.7.2
Sensiolabs Symfony 2.7.9
Sensiolabs Symfony 2.7.11
Sensiolabs Symfony 3.0.1
Sensiolabs Symfony 2.8.5
Sensiolabs Symfony 2.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started