Friends Of Symfony Project Fosuserbundle : Security vulnerabilities, CVEs

CVE-2013-5750

The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.

Max CVSS

5.0

EPSS Score

0.16%

Published

2013-09-25

Updated

2013-10-15

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Friends Of Symfony Project » Fosuserbundle : Security Vulnerabilities, CVEs, CVSS score >= 5

CVE-2013-5750