DEBIAN-CVE-2024-36611
- Source
- https://security-tracker.debian.org/tracker/CVE-2024-36611
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-36611.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-36611
- Upstream
- Published
- 2024-11-29T19:15:06.780Z
- Modified
- 2026-03-17T02:50:11.739224Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service. NOTE: the Supplier has concluded that this is a false report.
- References
Affected packages
Debian:11 / symfony
Package
- Name
- symfony
- Purl
- pkg:deb/debian/symfony?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.4.19+dfsg-2
4.4.19+dfsg-2+deb11u1
4.4.19+dfsg-2+deb11u2
4.4.19+dfsg-2+deb11u3
4.4.19+dfsg-2+deb11u4
4.4.19+dfsg-2+deb11u5
4.4.19+dfsg-2+deb11u6
4.4.19+dfsg-2+deb11u7
4.4.19+dfsg-3
5.*
5.0.0~beta2-1
5.0.2-1
5.0.4-1
5.2.1+dfsg-1
5.2.2+dfsg-1
5.2.3+dfsg-1
5.2.4+dfsg-1
5.2.5+dfsg-1
5.2.6+dfsg-1
5.3.9+dfsg-1
5.3.10+dfsg-1
5.3.12+dfsg-1
5.3.12+dfsg-2
5.4.0~beta1+dfsg-1
5.4.0~beta2+dfsg-1
5.4.0~beta3+dfsg-1
5.4.0~rc1+dfsg-1
5.4.0~rc1+dfsg-2
5.4.0~rc1+dfsg-3
5.4.0+dfsg-1
5.4.0+dfsg-2
5.4.1+dfsg-1
5.4.2+dfsg-1
5.4.2+dfsg-2
5.4.2+dfsg-3
5.4.4+dfsg-1
5.4.6+dfsg-1
5.4.8+dfsg-1
5.4.9+dfsg-1
5.4.9+dfsg-2
5.4.10+dfsg-1
5.4.11+dfsg-1
5.4.11+dfsg-2
5.4.12+dfsg-1
5.4.12+dfsg-2
5.4.13+dfsg-1
5.4.14+dfsg-1
5.4.15+dfsg-1
5.4.16+dfsg-1
5.4.18+dfsg-1
5.4.18+dfsg-2
5.4.18+dfsg-3
5.4.19+dfsg-1
5.4.20+dfsg-1
5.4.21+dfsg-1
5.4.22+dfsg-1
5.4.22+dfsg-2
5.4.22+dfsg-3
5.4.23+dfsg-1
5.4.24+dfsg-1
5.4.25+dfsg-1
5.4.27+dfsg-1
5.4.28+dfsg-1
5.4.29+dfsg-1
5.4.30+dfsg-1
5.4.31+dfsg-1
5.4.31+dfsg-2
5.4.32+dfsg-1
5.4.33+dfsg-1
5.4.34+dfsg-1
5.4.34+dfsg-2
5.4.35+dfsg-1
5.4.35+dfsg-2
5.4.35+dfsg-3
6.*
6.3.0~rc1+dfsg-1
6.3.0~rc2+dfsg-1
6.3.0+dfsg-1
6.3.1+dfsg-1
6.3.3+dfsg-1
6.3.4+dfsg-1
6.3.5+dfsg-1
6.3.6+dfsg-1
6.3.7+dfsg-1
6.4.0~beta2+dfsg-1
6.4.0~beta3+dfsg-1
6.4.0~rc1+dfsg-1
6.4.0~rc2+dfsg-1
6.4.0+dfsg-1
6.4.1+dfsg-1
6.4.2+dfsg-1
6.4.3+dfsg-1
6.4.4+dfsg-1
6.4.4+dfsg-2
6.4.4+dfsg-3
6.4.4+dfsg-4
6.4.5+dfsg-1
6.4.5+dfsg-2
6.4.5+dfsg-3
6.4.5+dfsg-4
6.4.6+dfsg-1
6.4.7+dfsg-1
6.4.9+dfsg-1
6.4.10+dfsg-1
6.4.11+dfsg-1
6.4.12+dfsg-1
6.4.13+dfsg-1
6.4.14+dfsg-1
6.4.15+dfsg-1
6.4.16+dfsg-1
6.4.16+dfsg-2
6.4.17+dfsg-1
6.4.17+dfsg-2
6.4.17+dfsg-3
6.4.17+dfsg-4
6.4.17+dfsg-5
6.4.17+dfsg-6
6.4.18+dfsg-1
6.4.19+dfsg-1
6.4.19+dfsg-2
6.4.20+dfsg-1
6.4.20+dfsg-2
6.4.21+dfsg-1
6.4.21+dfsg-2
6.4.24+dfsg-1
6.4.25+dfsg-1
7.*
7.0.4+dfsg-1
7.0.5+dfsg-1
7.0.6+dfsg-1
7.0.7+dfsg-1
7.1.0~beta1+dfsg-1
7.1.0~rc1+dfsg-1
7.1.2+dfsg-1
7.1.3+dfsg-1
7.1.4+dfsg-1
7.1.5+dfsg-1
7.2.0~beta1+dfsg-1
7.2.0~beta2+dfsg-1
7.2.0~rc1+dfsg-1
7.2.1+dfsg-1
7.2.2+dfsg-1
7.2.3+dfsg-1
7.2.4+dfsg-1
7.2.5+dfsg-1
7.2.6-1
7.3.0~beta1+dfsg-1
7.3.0~beta2+dfsg-1
7.3.0~rc1+dfsg-1
7.3.0+dfsg-1
7.3.1+dfsg-1
7.3.2+dfsg-1
7.3.3+dfsg-1
7.3.4+dfsg-1
7.3.5-1
7.4.0~beta1-1
7.4.0~beta1-2
7.4.0~beta2+dfsg-1
7.4.0~beta2+dfsg-2
7.4.0~beta2+dfsg-3
7.4.0~rc1+dfsg-1
7.4.0~rc2+dfsg-1
7.4.0~rc3+dfsg-1
7.4.0+dfsg-1
7.4.0+dfsg-2
7.4.2+dfsg-1
7.4.2+dfsg-2
7.4.3+dfsg-1
7.4.4+dfsg-1
7.4.5+dfsg-1
7.4.6+dfsg-1
7.4.6+dfsg-2
7.4.7+dfsg-1
8.*
8.0.0~beta2+dfsg-1
8.0.0~beta2+dfsg-2
8.0.0~rc1+dfsg-1
8.0.0~rc2+dfsg-1
8.0.0~rc3+dfsg-1
8.0.0+dfsg-1
8.0.2+dfsg-1
8.0.3+dfsg-1
8.0.4+dfsg-1
8.0.5+dfsg-1
8.0.6+dfsg-1
8.0.7+dfsg-1
Debian:12 / symfony
Package
- Name
- symfony
- Purl
- pkg:deb/debian/symfony?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.4.23+dfsg-1
5.4.23+dfsg-1+deb12u1
5.4.23+dfsg-1+deb12u2
5.4.23+dfsg-1+deb12u3
5.4.23+dfsg-1+deb12u4
5.4.23+dfsg-1+deb12u5
5.4.24+dfsg-1
5.4.25+dfsg-1
5.4.27+dfsg-1
5.4.28+dfsg-1
5.4.29+dfsg-1
5.4.30+dfsg-1
5.4.31+dfsg-1
5.4.31+dfsg-2
5.4.32+dfsg-1
5.4.33+dfsg-1
5.4.34+dfsg-1
5.4.34+dfsg-2
5.4.35+dfsg-1
5.4.35+dfsg-2
5.4.35+dfsg-3
6.*
6.3.0~rc1+dfsg-1
6.3.0~rc2+dfsg-1
6.3.0+dfsg-1
6.3.1+dfsg-1
6.3.3+dfsg-1
6.3.4+dfsg-1
6.3.5+dfsg-1
6.3.6+dfsg-1
6.3.7+dfsg-1
6.4.0~beta2+dfsg-1
6.4.0~beta3+dfsg-1
6.4.0~rc1+dfsg-1
6.4.0~rc2+dfsg-1
6.4.0+dfsg-1
6.4.1+dfsg-1
6.4.2+dfsg-1
6.4.3+dfsg-1
6.4.4+dfsg-1
6.4.4+dfsg-2
6.4.4+dfsg-3
6.4.4+dfsg-4
6.4.5+dfsg-1
6.4.5+dfsg-2
6.4.5+dfsg-3
6.4.5+dfsg-4
6.4.6+dfsg-1
6.4.7+dfsg-1
6.4.9+dfsg-1
6.4.10+dfsg-1
6.4.11+dfsg-1
6.4.12+dfsg-1
6.4.13+dfsg-1
6.4.14+dfsg-1
6.4.15+dfsg-1
6.4.16+dfsg-1
6.4.16+dfsg-2
6.4.17+dfsg-1
6.4.17+dfsg-2
6.4.17+dfsg-3
6.4.17+dfsg-4
6.4.17+dfsg-5
6.4.17+dfsg-6
6.4.18+dfsg-1
6.4.19+dfsg-1
6.4.19+dfsg-2
6.4.20+dfsg-1
6.4.20+dfsg-2
6.4.21+dfsg-1
6.4.21+dfsg-2
6.4.24+dfsg-1
6.4.25+dfsg-1
7.*
7.0.4+dfsg-1
7.0.5+dfsg-1
7.0.6+dfsg-1
7.0.7+dfsg-1
7.1.0~beta1+dfsg-1
7.1.0~rc1+dfsg-1
7.1.2+dfsg-1
7.1.3+dfsg-1
7.1.4+dfsg-1
7.1.5+dfsg-1
7.2.0~beta1+dfsg-1
7.2.0~beta2+dfsg-1
7.2.0~rc1+dfsg-1
7.2.1+dfsg-1
7.2.2+dfsg-1
7.2.3+dfsg-1
7.2.4+dfsg-1
7.2.5+dfsg-1
7.2.6-1
7.3.0~beta1+dfsg-1
7.3.0~beta2+dfsg-1
7.3.0~rc1+dfsg-1
7.3.0+dfsg-1
7.3.1+dfsg-1
7.3.2+dfsg-1
7.3.3+dfsg-1
7.3.4+dfsg-1
7.3.5-1
7.4.0~beta1-1
7.4.0~beta1-2
7.4.0~beta2+dfsg-1
7.4.0~beta2+dfsg-2
7.4.0~beta2+dfsg-3
7.4.0~rc1+dfsg-1
7.4.0~rc2+dfsg-1
7.4.0~rc3+dfsg-1
7.4.0+dfsg-1
7.4.0+dfsg-2
7.4.2+dfsg-1
7.4.2+dfsg-2
7.4.3+dfsg-1
7.4.4+dfsg-1
7.4.5+dfsg-1
7.4.6+dfsg-1
7.4.6+dfsg-2
7.4.7+dfsg-1
8.*
8.0.0~beta2+dfsg-1
8.0.0~beta2+dfsg-2
8.0.0~rc1+dfsg-1
8.0.0~rc2+dfsg-1
8.0.0~rc3+dfsg-1
8.0.0+dfsg-1
8.0.2+dfsg-1
8.0.3+dfsg-1
8.0.4+dfsg-1
8.0.5+dfsg-1
8.0.6+dfsg-1
8.0.7+dfsg-1
Debian:13 / symfony
Package
- Name
- symfony
- Purl
- pkg:deb/debian/symfony?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.4.21+dfsg-2
6.4.21+dfsg-2+deb13u1
6.4.24+dfsg-1
6.4.25+dfsg-1
7.*
7.0.4+dfsg-1
7.0.5+dfsg-1
7.0.6+dfsg-1
7.0.7+dfsg-1
7.1.0~beta1+dfsg-1
7.1.0~rc1+dfsg-1
7.1.2+dfsg-1
7.1.3+dfsg-1
7.1.4+dfsg-1
7.1.5+dfsg-1
7.2.0~beta1+dfsg-1
7.2.0~beta2+dfsg-1
7.2.0~rc1+dfsg-1
7.2.1+dfsg-1
7.2.2+dfsg-1
7.2.3+dfsg-1
7.2.4+dfsg-1
7.2.5+dfsg-1
7.2.6-1
7.3.0~beta1+dfsg-1
7.3.0~beta2+dfsg-1
7.3.0~rc1+dfsg-1
7.3.0+dfsg-1
7.3.1+dfsg-1
7.3.2+dfsg-1
7.3.3+dfsg-1
7.3.4+dfsg-1
7.3.5-1
7.4.0~beta1-1
7.4.0~beta1-2
7.4.0~beta2+dfsg-1
7.4.0~beta2+dfsg-2
7.4.0~beta2+dfsg-3
7.4.0~rc1+dfsg-1
7.4.0~rc2+dfsg-1
7.4.0~rc3+dfsg-1
7.4.0+dfsg-1
7.4.0+dfsg-2
7.4.2+dfsg-1
7.4.2+dfsg-2
7.4.3+dfsg-1
7.4.4+dfsg-1
7.4.5+dfsg-1
7.4.6+dfsg-1
7.4.6+dfsg-2
7.4.7+dfsg-1
8.*
8.0.0~beta2+dfsg-1
8.0.0~beta2+dfsg-2
8.0.0~rc1+dfsg-1
8.0.0~rc2+dfsg-1
8.0.0~rc3+dfsg-1
8.0.0+dfsg-1
8.0.2+dfsg-1
8.0.3+dfsg-1
8.0.4+dfsg-1
8.0.5+dfsg-1
8.0.6+dfsg-1
8.0.7+dfsg-1
Debian:14 / symfony
Package
- Name
- symfony
- Purl
- pkg:deb/debian/symfony?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.4.21+dfsg-2
6.4.24+dfsg-1
6.4.25+dfsg-1
7.*
7.0.4+dfsg-1
7.0.5+dfsg-1
7.0.6+dfsg-1
7.0.7+dfsg-1
7.1.0~beta1+dfsg-1
7.1.0~rc1+dfsg-1
7.1.2+dfsg-1
7.1.3+dfsg-1
7.1.4+dfsg-1
7.1.5+dfsg-1
7.2.0~beta1+dfsg-1
7.2.0~beta2+dfsg-1
7.2.0~rc1+dfsg-1
7.2.1+dfsg-1
7.2.2+dfsg-1
7.2.3+dfsg-1
7.2.4+dfsg-1
7.2.5+dfsg-1
7.2.6-1
7.3.0~beta1+dfsg-1
7.3.0~beta2+dfsg-1
7.3.0~rc1+dfsg-1
7.3.0+dfsg-1
7.3.1+dfsg-1
7.3.2+dfsg-1
7.3.3+dfsg-1
7.3.4+dfsg-1
7.3.5-1
7.4.0~beta1-1
7.4.0~beta1-2
7.4.0~beta2+dfsg-1
7.4.0~beta2+dfsg-2
7.4.0~beta2+dfsg-3
7.4.0~rc1+dfsg-1
7.4.0~rc2+dfsg-1
7.4.0~rc3+dfsg-1
7.4.0+dfsg-1
7.4.0+dfsg-2
7.4.2+dfsg-1
7.4.2+dfsg-2
7.4.3+dfsg-1
7.4.4+dfsg-1
7.4.5+dfsg-1
7.4.6+dfsg-1
7.4.6+dfsg-2
7.4.7+dfsg-1
8.*
8.0.0~beta2+dfsg-1
8.0.0~beta2+dfsg-2
8.0.0~rc1+dfsg-1
8.0.0~rc2+dfsg-1
8.0.0~rc3+dfsg-1
8.0.0+dfsg-1
8.0.2+dfsg-1
8.0.3+dfsg-1
8.0.4+dfsg-1
8.0.5+dfsg-1
8.0.6+dfsg-1
8.0.7+dfsg-1