The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Symfony

Symfony: privilege escalation via AbstractToken-hasUserChanged
An attacker can bypass restrictions via AbstractToken::hasUserChanged() of Symfony, in order to escalate his privileges...
VIGILANCE-VUL-32403
Symfony: Cross Site Request Forgery via LogoutListener
An attacker can trigger a Cross Site Request Forgery via LogoutListener of Symfony, in order to force the victim to perform operations...
36814, VIGILANCE-VUL-32390
Symfony: information disclosure via ErrorHandler
An attacker can bypass access restrictions to data via ErrorHandler of Symfony, in order to obtain sensitive information...
CVE-2020-5274, VIGILANCE-VUL-31910
Symfony: privilege escalation via Firewall accessDecisionManager
An attacker can bypass restrictions via Firewall accessDecisionManager of Symfony, in order to escalate his privileges...
CVE-2020-5275, VIGILANCE-VUL-31909
Symfony: spoofing via Content-Type Cache Poisoning
An attacker can create spoofed data via Content-Type Cache Poisoning of Symfony, in order to deceive the victim...
CVE-2020-5255, VIGILANCE-VUL-31908
Symfony: privilege escalation via MimeTypeGuesser Argument Injection
An attacker can bypass restrictions via MimeTypeGuesser Argument Injection of Symfony, in order to escalate his privileges...
CVE-2019-18888, DLA-1999-1, DSA-4573-1, FEDORA-2019-8b0ba02338, VIGILANCE-VUL-30864
Symfony: information disclosure via UriSigner Time Comparison
An attacker can bypass access restrictions to data via UriSigner Time Comparison of Symfony, in order to obtain sensitive information...
CVE-2019-18887, DLA-1999-1, DSA-4573-1, FEDORA-2019-5ae4fd9203, FEDORA-2019-8b0ba02338, FEDORA-2019-9c2ad3b018, VIGILANCE-VUL-30863
Symfony: information disclosure via Switch User Enumeration
An attacker can bypass access restrictions to data via Switch User Enumeration of Symfony, in order to obtain sensitive information...
CVE-2019-18886, DLA-1999-1, VIGILANCE-VUL-30862
Symfony: Cross Site Scripting via VarExporter
An attacker can trigger a Cross Site Scripting via VarExporter of Symfony, in order to run JavaScript code in the context of the web site...
CVE-2019-11325, VIGILANCE-VUL-30861
jQuery, Symfony: Cross Site Scripting via templates
An attacker can trigger a Cross Site Scripting via templates for Symfony, in order to run JavaScript code in the context of the web site...
bulletinoct2019, CERTFR-2019-AVI-180, cpujan2020, cpuoct2019, CVE-2019-10909, CVE-2019-11358, DLA-1777-1, DLA-1777-2, DLA-1778-1, DLA-1797-1, DLA-2118-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4434-1, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, ibm10882578, ibm10882596, ibm10882756, ibm10882762, ibm10882952, ibm10882956, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, Synology-SA-19:19, TYPO3-CORE-SA-2019-009, TYPO3-CORE-SA-2019-010, TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013, TYPO3-PSA-2019-004, TYPO3-PSA-2019-005, TYPO3-PSA-2019-006, VIGILANCE-VUL-29070
Our database contains other pages. You can request a free trial to read them.

Display information about Symfony: