fossology icon indicating copy to clipboard operation
fossology copied to clipboard

Published 20 hours ago verified publisher icon fossology

Check service IDs are valid

Open imhunterand opened this issue 2 years ago • 1 comments

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.

imhunterand avatar Jul 29 '22 06:07 imhunterand

This pull request has conflicts, please rebase with master to resolve those before we can evaluate the pull request.

github-actions[bot] avatar Aug 01 '22 14:08 github-actions[bot]

Irrelevant changes as these changes are already in master.

shaheemazmalmmd avatar Oct 06 '22 05:10 shaheemazmalmmd