Download
| Alert*
oval:org.secpod.oval:def:602518
Two vulnerabilities were discovered in Symfony, a PHP framework. CVE-2016-1902 Lander Brandt discovered that the class SecureRandom might generate weak random numbers for cryptographic use under certain settings. If the functions random_bytes or openssl_random_pseudo_bytes are not available, the out ... oval:org.secpod.oval:def:108700 php-symfony is installed oval:org.secpod.oval:def:602128 php-symfony subpackages are installed oval:org.secpod.oval:def:605291 php-symfony is installed oval:org.secpod.oval:def:116320 PHP framework for web projects oval:org.secpod.oval:def:53386 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service. oval:org.secpod.oval:def:603475 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service. oval:org.secpod.oval:def:116319 PHP framework for web projects oval:org.secpod.oval:def:55029 Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. oval:org.secpod.oval:def:109117 PHP framework for web projects oval:org.secpod.oval:def:109098 PHP framework for web projects oval:org.secpod.oval:def:108699 PHP framework for web projects oval:org.secpod.oval:def:602127 Jakub Zalas discovered that Symfony, a framework to create websites and web applications, was vulnerable to restriction bypass. It was affecting applications with ESI or SSI support enabled, that use the FragmentListener. A malicious user could call any controller via the /_fragment path by providin ... oval:org.secpod.oval:def:108716 PHP framework for web projects oval:org.secpod.oval:def:109147 PHP framework for web projects oval:org.secpod.oval:def:109795 PHP framework for web projects oval:org.secpod.oval:def:109907 PHP framework for web projects oval:org.secpod.oval:def:602285 Several vulnerabilities have been discovered in symfony, a framework to create websites and web applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8124 The RedTeam Pentesting GmbH team discovered a session fixation vulnerability within the &quo ... oval:org.secpod.oval:def:110566 PHP framework for web projects oval:org.secpod.oval:def:110569 PHP framework for web projects oval:org.secpod.oval:def:112947 PHP framework for web projects oval:org.secpod.oval:def:114604 PHP framework for web projects oval:org.secpod.oval:def:69790 Multiple vulnerabilities have been found in the php-symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. oval:org.secpod.oval:def:115645 PHP framework for web projects oval:org.secpod.oval:def:114760 PHP framework for web projects oval:org.secpod.oval:def:114949 PHP framework for web projects oval:org.secpod.oval:def:115642 PHP framework for web projects oval:org.secpod.oval:def:114930 PHP framework for web projects oval:org.secpod.oval:def:603917 Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. |