GHSA-wvj5-r78r-hhfq

• CVE-2016-2403

• 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

{
    "nvd_published_at": "2017-02-07T17:59:00Z",
    "cwe_ids": [
        "CWE-287"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-31T18:26:03Z"
}

• https://nvd.nist.gov/vuln/detail/CVE-2016-2403
• https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-core/CVE-2016-2403.yaml
• https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2016-2403.yaml
• https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2016-2403.yaml
• https://symfony.com/cve-2016-2403
• https://web.archive.org/web/20210123224944/http://www.securityfocus.com/bid/96137
• https://www.debian.org/security/2018/dsa-4262
• http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password