← volver
CVE-2013-5750

CVE-2013-5750

EPSS 1.2%
The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://symfony.com/blog/cve-2013-5750-security-issue-in-fosuserbundle-login-form