← voltar
CVE-2019-11325

CVE-2019-11325

EPSS 3.4%
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/symfony/symfony/releases/tag/v4.3.8https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporterhttps://symfony.com/blog/symfony-4-3-8-released