Lucene search
GoogleOSV:CVE-2019-18889HistoryNov 21, 2019 - 11:15 p.m.
CVE-2019-18889
2019-11-2123:15:13
Google
osv.dev
11
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
References
github.com/symfony/symfony/releases/tag/v4.3.8
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
symfony.com/blog/symfony-4-3-8-released
Related
openvas
openvas
ubuntucve
ubuntucve
CVE-2019-18889
2019-11-21 00:00:00
osv
osv
Symfony Unsafe Cache Serialization Could Enable RCE
2019-12-02 18:07:16
symantec
symantec
Symfony CVE-2019-18889 Multiple Remote Code Execution Vulnerabilities
2019-11-13 00:00:00
github
github
Symfony Unsafe Cache Serialization Could Enable RCE
2019-12-02 18:07:16
debiancve
debiancve
CVE-2019-18889
2019-11-21 23:15:13
prion
prion
Code injection
2019-11-21 23:15:00
veracode
veracode
Remote Code Execution
2019-11-18 03:53:15
cvelist
cvelist
CVE-2019-18889
2019-11-21 22:21:42
symfony
symfony
nvd
nvd
CVE-2019-18889
2019-11-21 23:15:13
cve
cve
CVE-2019-18889
2019-11-21 23:15:13
friendsofphp
friendsofphp
nessus
nessus
Debian DSA-4573-1 : symfony - security update
2019-11-20 00:00:00
Fedora 31 : php-symfony3 (2019-8b0ba02338)
2019-11-22 00:00:00
debian
debian
[SECURITY] [DSA 4573-1] symfony security update
2019-11-18 22:04:18
fedora
fedora
[SECURITY] Fedora 31 Update: php-symfony3-3.4.35-2.fc31
2019-11-22 00:48:10