You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR was merged into the 2.3 branch.
Discussion
----------
[Contributing][Security] add CVE-2015-4050
| Q | A
| ------------- | ---
| Doc fix? | no
| New docs? | no
| Applies to | all
| Fixed tickets |
Commits
-------
8c6afd8 [Contributing][Security] add CVE-2015-4050
Copy file name to clipboardExpand all lines: contributing/code/security.rst
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -96,6 +96,7 @@ Security Advisories
96
96
This section indexes security vulnerabilities that were fixed in Symfony
97
97
releases, starting from Symfony 1.0.0:
98
98
99
+
* May 26, 2015: `CVE-2015-4050: ESI unauthorized access <http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access>`_ (Symfony 2.3.29, 2.5.12 and 2.6.8)
99
100
* April 1, 2015: `CVE-2015-2309: Unsafe methods in the Request class <http://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
100
101
* April 1, 2015: `CVE-2015-2308: Esi Code Injection <http://symfony.com/blog/cve-2015-2308-esi-code-injection>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
101
102
* September 3, 2014: `CVE-2014-6072: CSRF vulnerability in the Web Profiler <http://symfony.com/blog/cve-2014-6072-csrf-vulnerability-in-the-web-profiler>`_ (Symfony 2.3.19, 2.4.9 and 2.5.4)
0 commit comments