Loss of Information Affecting symfony/symfony package, versions >=2.3.0, <2.3.3 >=2.1.0, <2.1.12 >=2.2.0, <2.2.5 >=2, <2.0.24
Threat Intelligence
EPSS
0.21% (60th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PHP-SYMFONYSYMFONY-70207
- published 17 Aug 2013
- disclosed 17 Aug 2013
- credit Alexandre Salome
Introduced: 17 Aug 2013
CVE-2013-4751 Open this link in a new tabHow to fix?
Upgrade symfony/symfony
to version 2.3.3, 2.1.12, 2.2.5, 2.0.24 or higher.
Overview
Affected versions of symfony/symfony
are vulnerable to Loss of Information.
When using the Validator component, if Symfony\Component\Validator\Mapping\Cache\ApcCache is enabled (or any other cache implementing Symfony\Component\Validator\Mapping\Cache\CacheInterface), some information is lost during serialization (the collectionCascaded and the collectionCascadedDeeply fields).
References
CVSS Scores
version 3.1