CVE-2013-4751Improper Input Validation in Validator

CWE-20Improper Input Validation7 documents5 sources
Severity
8.1HIGHNVD
EPSS
0.6%
top 31.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Sensiolabs SymfonySymfonySymfony Validator+2 more
Timeline
PublishedNov 1
Latest updateMay 5

Description

php-symfony2-Validator has loss of information during serialization

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages3 packages

Packagistsymfony/validator2.0.02.0.24+3
Packagistsymfony/symfony2.0.02.0.24+3
NVDsensiolabs/symfony2.0.02.0.24+3

Also affects: Fedora 18, 19, Enterprise Linux 6.0

Patches

Patch: symfony.comPatch: symfony.com

🔴Vulnerability Details

3
OSV
Symfony collectionCascaded and collectionCascadedDeeply fields security bypass2022-05-05
GHSA
Symfony collectionCascaded and collectionCascadedDeeply fields security bypass2022-05-05
CVEList
CVE-2013-4751: php-symfony2-Validator has loss of information during serialization2019-11-01

💬Community

3
Bugzilla
CVE-2013-4751 php-symfony2-Validator: php-symfony2-Validation: validation metadata serialization and loss of information [epel-6]2013-08-09
Bugzilla
CVE-2013-4751 php-symfony2-Validator: php-symfony2-Validation: validation metadata serialization and loss of information [fedora-all]2013-08-09
Bugzilla
CVE-2013-4751 php-symfony2-Validation: validation metadata serialization and loss of information2013-08-09
CVE-2013-4751 — Improper Input Validation in Validator | cvebase