Information Loss Vulnerability in Symfony2 Validator by Symfony
CVE-2013-4751

8.1HIGH

Key Information:

Vendor

Sensiolabs

Status
Symfony
Vendor
CVE Published:
1 November 2019

What is CVE-2013-4751?

The Symfony2 Validator is susceptible to a vulnerability that results in loss of information during the serialization process. This might allow attackers to gain insights into sensitive data or exploit the flawed serialization logic, potentially leading to unauthorized content exposure or manipulation. It is crucial to ensure that secure coding practices are followed to mitigate risks associated with this vulnerability in affected Symfony versions.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751
x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce...
x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce...
x_refsource_MISC

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.