CVE-2019-10910

Published: 2019-05-16T22:29Z

Last Modified: 2024-11-21T04:20Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt