Lucene search
MitreCVELIST:CVE-2019-18889HistoryNov 21, 2019 - 10:21 p.m.
CVE-2019-18889
2019-11-2122:21:42
mitre
www.cve.org
4
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
References
github.com/symfony/symfony/releases/tag/v4.3.8
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
symfony.com/blog/symfony-4-3-8-released
Related
symfony
symfony
nvd
nvd
CVE-2019-18889
2019-11-21 23:15:13
openvas
openvas
osv
osv
Symfony Unsafe Cache Serialization Could Enable RCE
2019-12-02 18:07:16
CVE-2019-18889
2019-11-21 23:15:13
ubuntucve
ubuntucve
CVE-2019-18889
2019-11-21 00:00:00
debiancve
debiancve
CVE-2019-18889
2019-11-21 23:15:13
prion
prion
Code injection
2019-11-21 23:15:00
veracode
veracode
Remote Code Execution
2019-11-18 03:53:15
symantec
symantec
Symfony CVE-2019-18889 Multiple Remote Code Execution Vulnerabilities
2019-11-13 00:00:00
github
github
Symfony Unsafe Cache Serialization Could Enable RCE
2019-12-02 18:07:16
cve
cve
CVE-2019-18889
2019-11-21 23:15:13
friendsofphp
friendsofphp
fedora
fedora
[SECURITY] Fedora 31 Update: php-symfony3-3.4.35-2.fc31
2019-11-22 00:48:10
nessus
nessus
Fedora 31 : php-symfony3 (2019-8b0ba02338)
2019-11-22 00:00:00
Debian DSA-4573-1 : symfony - security update
2019-11-20 00:00:00
debian
debian
[SECURITY] [DSA 4573-1] symfony security update
2019-11-18 22:04:18