Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4441-1:6ED3B
HistoryMay 10, 2019 - 6:26 a.m.

[SECURITY] [DSA 4441-1] symfony security update

2019-05-1006:26:19
lists.debian.org
19

EPSS

0.878

Percentile

98.7%

JSON

Debian Security Advisory DSA-4441-1 [email protected]
https://www.debian.org/security/ Sebastien Delafond
May 10, 2019 https://www.debian.org/security/faq

Package : symfony
CVE ID : CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 CVE-2019-10909
CVE-2019-10910 CVE-2019-10911 CVE-2019-10912 CVE-2019-10913

Multiple vulnerabilities were discovered in the Symfony PHP framework
which could lead to cache bypass, authentication bypass, information
disclosure, open redirect, cross-site request forgery, deletion of
arbitrary files, or arbitrary code execution.

For the stable distribution (stretch), these problems have been fixed in
version 2.8.7+dfsg-1.3+deb9u2.

We recommend that you upgrade your symfony packages.

For the detailed security status of symfony please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/symfony

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9allphp-symfony-http-kernel< 2.8.7+dfsg-1.3+deb9u2php-symfony-http-kernel_2.8.7+dfsg-1.3+deb9u2_all.deb
Debian8allphp-symfony-css-selector< 2.3.21+dfsg-4+deb8u4php-symfony-css-selector_2.3.21+dfsg-4+deb8u4_all.deb
Debian8allphp-symfony-security< 2.3.21+dfsg-4+deb8u4php-symfony-security_2.3.21+dfsg-4+deb8u4_all.deb
Debian8allphp-symfony-swiftmailer-bridge< 2.3.21+dfsg-4+deb8u4php-symfony-swiftmailer-bridge_2.3.21+dfsg-4+deb8u4_all.deb
Debian9allphp-symfony-asset< 2.8.7+dfsg-1.3+deb9u2php-symfony-asset_2.8.7+dfsg-1.3+deb9u2_all.deb
Debian8allphp-symfony-dom-crawler< 2.3.21+dfsg-4+deb8u4php-symfony-dom-crawler_2.3.21+dfsg-4+deb8u4_all.deb
Debian8allphp-symfony-framework-bundle< 2.3.21+dfsg-4+deb8u4php-symfony-framework-bundle_2.3.21+dfsg-4+deb8u4_all.deb
Debian8allphp-symfony-http-foundation< 2.3.21+dfsg-4+deb8u5php-symfony-http-foundation_2.3.21+dfsg-4+deb8u5_all.deb
Debian9allphp-symfony-locale< 2.8.7+dfsg-1.3+deb9u2php-symfony-locale_2.8.7+dfsg-1.3+deb9u2_all.deb
Debian8allphp-symfony-finder< 2.3.21+dfsg-4+deb8u5php-symfony-finder_2.3.21+dfsg-4+deb8u5_all.deb
Rows per page:
1-10 of 1291

Related

debian 3
nessus 25
openvas 25
osv 19
fedora 21
freebsd 1
drupal 3
ibm 2
thn 2
friendsofphp 24
symfony 8
ubuntucve 8
cve 8
debiancve 8
cvelist 8
veracode 8
nvd 8
prion 8
github 8
typo3 1
redhatcve 1
debian
debian
[SECURITY] [DSA 4441-1] symfony security update
2019-05-10 06:26:19
[SECURITY] [DLA 1778-1] symfony security update
2019-05-06 19:15:39
[SECURITY] [DLA 1707-1] symfony security update
2019-03-10 01:19:23
nessus
nessus
Debian DSA-4441-1 : symfony - security update
2019-05-13 00:00:00
Fedora 29 : php-symfony4 (2019-32067d8b15)
2019-04-29 00:00:00
Fedora 28 : php-symfony (2019-3ee6a7adf2)
2019-04-29 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4441-1)
2019-05-11 00:00:00
Symfony 2.7.x < 2.7.51, 2.8.x < 2.8.50, 3.x < 3.4.26, 4.x < 4.1.12, 4.2.x < 4.2.7 Multiple Vulnerabilities
2019-05-20 00:00:00
Debian: Security Advisory (DLA-1778-1)
2019-05-07 00:00:00
osv
osv
symfony - security update
2019-05-10 00:00:00
symfony - security update
2019-05-06 00:00:00
symfony - security update
2019-03-09 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: php-symfony4-4.1.12-1.fc29
2019-04-27 23:12:03
[SECURITY] Fedora 29 Update: php-symfony-2.8.51-1.fc29
2019-04-27 23:12:01
[SECURITY] Fedora 30 Update: php-symfony-2.8.51-1.fc30
2019-04-27 21:35:08
freebsd
freebsd
drupal -- Drupal core - Moderately critical
2019-04-17 00:00:00
drupal
drupal
Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005
2019-04-17 00:00:00
Drupal Core - 3rd-party libraries -SA-CORE-2018-005
2018-08-01 00:00:00
Drupal Core - 3rd-party libraries -SA-CORE-2018-005
2018-08-01 00:00:00
ibm
ibm
Security Bulletin: IBM API Connect's Developer Portal is impacted by vulnerabilities in Drupal core (CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-11358)
2019-05-31 13:40:01
Security Bulletin: IBM API Connect is impacted by a Drupal 8 vulnerability (CVE-2018-14773)
2018-08-23 16:19:33
thn
thn
Drupal Releases Core CMS Updates to Patch Several Vulnerabilities
2019-04-17 21:51:00
Symfony Flaw Leaves Drupal Sites Vulnerable to Hackers—Patch Now
2018-08-03 11:13:00
friendsofphp
friendsofphp
CVE-2018-19790: Open Redirect Vulnerability on login
2018-11-06 11:52:00
CVE-2018-19790: Open Redirect Vulnerability on login
2018-11-06 11:52:00
CVE-2018-19790: Open Redirect Vulnerability on login
2018-11-06 11:52:00
symfony
symfony
CVE-2018-19789: Disclosure of uploaded files full path
2018-12-06 00:00:00
CVE-2018-19790: Open Redirect Vulnerability when using Security\Http
2018-12-06 00:00:00
CVE-2019-10909: Escape validation messages in the PHP templating engine
2019-04-17 00:00:00
ubuntucve
ubuntucve
CVE-2018-19789
2018-12-18 00:00:00
CVE-2019-10909
2019-05-16 00:00:00
CVE-2018-14773
2018-08-03 00:00:00
cve
cve
CVE-2018-19789
2018-12-18 22:29:04
CVE-2019-10909
2019-05-16 22:29:00
CVE-2019-10912
2019-05-16 22:29:00
debiancve
debiancve
CVE-2018-19789
2018-12-18 22:29:04
CVE-2019-10909
2019-05-16 22:29:00
CVE-2019-10912
2019-05-16 22:29:00
cvelist
cvelist
CVE-2018-19790
2018-12-18 22:00:00
CVE-2019-10909
2019-05-16 21:36:10
CVE-2019-10910
2019-05-16 21:31:41
veracode
veracode
Open Redirect
2018-12-19 01:52:36
Information Disclosure
2018-12-19 06:03:31
Remote Code Execution (RCE)
2019-04-18 02:43:58
nvd
nvd
CVE-2018-19790
2018-12-18 22:29:05
CVE-2019-10909
2019-05-16 22:29:00
CVE-2019-10910
2019-05-16 22:29:00
prion
prion
Remote code execution
2018-12-18 22:29:00
Input validation
2019-05-16 22:29:00
Open redirect
2018-12-18 22:29:00
github
github
Symfony Cross-site Scripting (XSS) vulnerability
2019-11-12 23:00:53
Symfony Open Redirect
2022-05-14 01:04:20
Symfony Service IDs Allow Injection
2019-11-18 17:27:31
typo3
typo3
Possible deserialization side-effects in symfony/cache
2019-06-25 00:00:00
redhatcve
redhatcve
CVE-2019-10911
2022-05-20 22:45:13

EPSS

0.878

Percentile

98.7%

JSON
Related for DEBIAN:DSA-4441-1:6ED3B
debian3nessus25openvas25osv19fedora21freebsd1drupal3ibm2thn2friendsofphp24symfony8ubuntucve8cve8debiancve8cvelist8veracode8nvd8prion8github8typo31redhatcve1