CVE-2013-5958MEDIUMCVSS 5.0≥ 1.0.0, < 1.10.02022-05-17
CVE-2013-5958 [MEDIUM] CWE-789 Symfony Denial of Service Via Long Password Hashing
Symfony Denial of Service Via Long Password Hashing
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750.
ghsaosv