Lucene search
MitreCVELIST:CVE-2019-18887HistoryNov 21, 2019 - 10:18 p.m.
CVE-2019-18887
2019-11-2122:18:04
mitre
www.cve.org
5
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
References
github.com/symfony/symfony/releases/tag/v4.3.8
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
symfony.com/blog/symfony-4-3-8-released
Related
ubuntucve
ubuntucve
CVE-2019-18887
2019-11-21 00:00:00
friendsofphp
friendsofphp
CVE-2019-18887: Use constant time comparison in UriSigner
1970-01-01 00:00:00
CVE-2019-18887: Use constant time comparison in UriSigner
1970-01-01 00:00:00
symfony
symfony
CVE-2019-18887: Use constant time comparison in UriSigner
2019-11-13 00:00:00
debiancve
debiancve
CVE-2019-18887
2019-11-21 23:15:13
prion
prion
Design/Logic Flaw
2019-11-21 23:15:00
osv
osv
Symfony Http-Kernel has non-constant time comparison in UriSigner
2022-03-26 00:22:49
CVE-2019-18887
2019-11-21 23:15:13
symfony - security update
2019-11-18 00:00:00
nvd
nvd
CVE-2019-18887
2019-11-21 23:15:13
github
github
Symfony Http-Kernel has non-constant time comparison in UriSigner
2022-03-26 00:22:49
veracode
veracode
Timing Attack
2019-11-18 04:13:13
cve
cve
CVE-2019-18887
2019-11-21 23:15:13
openvas
openvas
Symfony 2.8.0 <= 2.8.51, 3.4.0 <= 3.4.34, 4.2.0 <= 4.2.11 and 4.3.0 <= 4.3.7 Multiple Vulnerabilities
2019-11-22 00:00:00
Debian: Security Advisory (DSA-4573-1)
2019-11-20 00:00:00
Debian: Security Advisory (DLA-1999-1)
2019-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: php-symfony-2.8.52-1.fc30
2019-11-22 01:22:56
[SECURITY] Fedora 31 Update: php-symfony-2.8.52-1.fc31
2019-11-22 00:48:09
[SECURITY] Fedora 31 Update: php-symfony3-3.4.35-2.fc31
2019-11-22 00:48:10
nessus
nessus
Fedora 31 : php-symfony (2019-5ae4fd9203)
2019-11-22 00:00:00
Fedora 30 : php-symfony (2019-9c2ad3b018)
2019-11-22 00:00:00
Debian DLA-1999-1 : symfony security update
2019-11-20 00:00:00
debian
debian
[SECURITY] [DSA 4573-1] symfony security update
2019-11-18 22:04:18
[SECURITY] [DLA 1999-1] symfony security update
2019-11-19 01:38:11