← volver
CVE-2019-11325

CVE-2019-11325

EPSS 3.4%
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/symfony/symfony/releases/tag/v4.3.8https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporterhttps://symfony.com/blog/symfony-4-3-8-released