Security Advisory

CVE-2019-10912

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-16 21:20:12

Last updated 2024-08-04 22:40:15

Assigner mitre

State PUBLISHED

Description

In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.

← Browse all CVEs View on cve.org ↗