8000 Merge pull request #57 from xabbuh/symfony-cves · jderusse/symfony@827b654 · GitHub
[go: up one dir, main page]
Skip to content

Commit 827b654

Browse files
fabpotfabpot
committed
Merge pull request symfony#57 from xabbuh/symfony-cves
[Symfony] add CVE-2015-2308 and CVE-2015-2309
2 parents c567c97 + 745a85a commit 827b654

File tree

4 files changed

+104
-0
lines changed

4 files changed

+104
-0
lines changed

symfony/http-foundation/CVE-2015-2309.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
title: Unsafe methods in the Request class
2+
link: http://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class
3+
cve: CVE-2015-2309
4+
branches:
5+
2.0.x:
6+
time: 2015-04-01 18:55:26
7+
versions: [>=2.0.0,<2.1.0]
8+
2.1.x:
9+
time: 2015-04-01 18:55:26
10+
versions: [>=2.1.0,<2.2.0]
11+
2.2.x:
12+
time: 2015-04-01 18:55:26
13+
versions: [>=2.2.0,<2.3.0]
14+
2.3.x:
15+
time: 2015-04-01 18:55:26
16+
versions: [>=2.3.0,<2.3.27]
17+
2.4.x:
18+
time: 2015-04-01 18:55:26
19+
versions: [>=2.4.0,<2.5.0]
20+
2.5.x:
21+
time: 2015-04-01 18:55:26
22+
versions: [>=2.5.0,<2.5.11]
23+
2.6.x:
24+
time: 2015-04-01 18:55:26
25+
versions: [>=2.5.0,<2.6.6]
26+
reference: composer://symfony/http-foundation

symfony/http-kernel/CVE-2015-2308.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
title: Esi Code Injection
2+
link: http://symfony.com/blog/cve-2015-2308-esi-code-injection
3+
cve: CVE-2015-2308
4+
branches:
5+
2.0.x:
6+
time: 2015-04-01 18:55:26
7+
versions: [>=2.0.0,<2.1.0]
8+
2.1.x:
9+
time: 2015-04-01 18:55:26
10+
versions: [>=2.1.0,<2.2.0]
11+
2.2.x:
12+
time: 2015-04-01 18:55:26
13+
versions: [>=2.2.0,<2.3.0]
14+
2.3.x:
15+
time: 2015-04-01 18:55:26
16+
versions: [>=2.3.0,<2.3.27]
17+
2.4.x:
18+
time: 2015-04-01 18:55:26
19+
versions: [>=2.4.0,<2.5.0]
20+
2.5.x:
21+
time: 2015-04-01 18:55:26
22+
versions: [>=2.5.0,<2.5.11]
23+
2.6.x:
24+
time: 2015-04-01 18:55:26
25+
versions: [>=2.6.0,<2.6.6]
26+
reference: composer://symfony/http-kernel

symfony/symfony/CVE-2015-2308.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
title: Esi Code Injection
2+
link: http://symfony.com/blog/cve-2015-2308-esi-code-injection
3+
cve: CVE-2015-2308
4+
branches:
5+
2.0.x:
6+
time: 2015-04-01 18:55:26
7+
versions: [>=2.0.0,<2.1.0]
8+
2.1.x:
9+
time: 2015-04-01 18:55:26
10+
versions: [>=2.1.0,<2.2.0]
11+
2.2.x:
12+
time: 2015-04-01 18:55:26
13+
versions: [>=2.2.0,<2.3.0]
14+
2.3.x:
15+
time: 2015-04-01 18:55:26
16+
versions: [>=2.3.0,<2.3.27]
17+
2.4.x:
18+
time: 2015-04-01 18:55:26
19+
versions: [>=2.4.0,<2.5.0]
20+
2.5.x:
21+
time: 2015-04-01 18:55:26
22+
versions: [>=2.5.0,<2.5.11]
23+
2.6.x:
24+
time: 2015-04-01 18:55:26
25+
versions: [>=2.6.0,<2.6.6]
26+
reference: composer://symfony/symfony

symfony/symfony/CVE-2015-2309.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
title: Unsafe methods in the Request class
2+
link: http://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class
3+
cve: CVE-2015-2309
4+
branches:
5+
2.0.x:
6+
time: 2015-04-01 18:55:26
7+
versions: [>=2.0.0,<2.1.0]
8+
2.1.x:
9+
time: 2015-04-01 18:55:26
10+
versions: [>=2.1.0,<2.2.0]
11+
2.2.x:
12+
time: 2015-04-01 18:55:26
13+
versions: [>=2.2.0,<2.3.0]
14+
2.3.x:
15+
time: 2015-04-01 18:55:26
16+
versions: [>=2.3.0,<2.3.27]
17+
2.4.x:
18+
time: 2015-04-01 18:55:26
19+
versions: [>=2.4.0,<2.5.0]
20+
2.5.x:
21+
time: 2015-04-01 18:55:26
22+
versions: [>=2.5.0,<2.5.11]
23+
2.6.x:
24+
time: 2015-04-01 18:55:26
25+
versions: [>=2.5.0,<2.6.6]
26+
reference: composer://symfony/symfony

0 commit comments

Comments
 (0)
0