Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2015-8125

Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component.

  • Published: Dec 7, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-8125
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
sensiolabs / symfony 2.3.21 2.3.21.x
sensiolabs / symfony 2.3.14 2.3.14.x
sensiolabs / symfony 2.7.5 2.7.5.x
sensiolabs / symfony 2.7.4 2.7.4.x
sensiolabs / symfony 2.3.27 2.3.27.x
sensiolabs / symfony 2.3.0 2.3.0.x
sensiolabs / symfony 2.7.1 2.7.1.x
sensiolabs / symfony 2.3.15 2.3.15.x
sensiolabs / symfony 2.3.6 2.3.6.x
sensiolabs / symfony 2.6.1 2.6.1.x
sensiolabs / symfony 2.3.34 2.3.34.x
sensiolabs / symfony 2.3.2 2.3.2.x
sensiolabs / symfony 2.3.28 2.3.28.x
sensiolabs / symfony 2.3.30 2.3.30.x
sensiolabs / symfony 2.6.5 2.6.5.x
sensiolabs / symfony 2.3.22 2.3.22.x
sensiolabs / symfony 2.6.11 2.6.11.x
sensiolabs / symfony 2.3.33 2.3.33.x
sensiolabs / symfony 2.6.3 2.6.3.x
sensiolabs / symfony 2.6.8 2.6.8.x
sensiolabs / symfony 2.3.23 2.3.23.x
sensiolabs / symfony 2.3.20 2.3.20.x
sensiolabs / symfony 2.6.10 2.6.10.x
sensiolabs / symfony 2.3.12 2.3.12.x
sensiolabs / symfony 2.3.19 2.3.19.x
sensiolabs / symfony 2.7.0 2.7.0.x
sensiolabs / symfony 2.7.3 2.7.3.x
sensiolabs / symfony 2.3.7 2.3.7.x
sensiolabs / symfony 2.6.4 2.6.4.x
sensiolabs / symfony 2.6.6 2.6.6.x
sensiolabs / symfony 2.3.8 2.3.8.x
sensiolabs / symfony 2.6.7 2.6.7.x
sensiolabs / symfony 2.3.4 2.3.4.x
sensiolabs / symfony 2.7.2 2.7.2.x
sensiolabs / symfony 2.6.0 2.6.0.x
sensiolabs / symfony 2.3.29 2.3.29.x
sensiolabs / symfony 2.3.11 2.3.11.x
sensiolabs / symfony 2.3.31 2.3.31.x
sensiolabs / symfony 2.3.3 2.3.3.x
sensiolabs / symfony 2.3.1 2.3.1.x
sensiolabs / symfony 2.7.6 2.7.6.x
sensiolabs / symfony 2.3.13 2.3.13.x
sensiolabs / symfony 2.3.16 2.3.16.x
sensiolabs / symfony 2.3.10 2.3.10.x
sensiolabs / symfony 2.3.26 2.3.26.x
sensiolabs / symfony 2.3.25 2.3.25.x
sensiolabs / symfony 2.3.9 2.3.9.x
sensiolabs / symfony 2.3.17 2.3.17.x
sensiolabs / symfony 2.6.9 2.6.9.x
sensiolabs / symfony 2.3.18 2.3.18.x
sensiolabs / symfony 2.3.32 2.3.32.x
sensiolabs / symfony 2.3.24 2.3.24.x
sensiolabs / symfony 2.6.2 2.6.2.x
sensiolabs / symfony 2.3.5 2.3.5.x