Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| symfony/security-core(Packagist) | 2.7.30 | 2.7.32 | N/A |
| symfony/security-core(Packagist) | 2.8.23 | 2.8.25 | N/A |
| symfony/security-core(Packagist) | 3.2.10 | 3.2.12 | N/A |
| symfony/security-core(Packagist) | 3.3.3 | 3.3.5 | N/A |
| symfony/security(Packagist) | 2.7.30 | 2.7.32 | N/A |
| symfony/security(Packagist) | 2.8.23 | 2.8.25 | N/A |
| symfony/security(Packagist) | 3.2.10 | 3.2.12 | N/A |
| symfony/security(Packagist) | 3.3.3 | 3.3.5 | N/A |
| symfony/symfony(Packagist) | 2.7.30 | 2.7.32 | N/A |
| symfony/symfony(Packagist) | 2.8.23 | 2.8.25 | N/A |
| symfony/symfony(Packagist) | 3.2.10 | 3.2.12 | N/A |
| symfony/symfony(Packagist) | 3.3.3 | 3.3.5 | N/A |
CVSS Metrics
