VYPR

Packagist (Composer) package

friendsofsymfony/user-bundle

pkg:composer/friendsofsymfony/user-bundle

Vulnerabilities (1)

  • CVE-2013-5750Sep 25, 2013
    affected >= 1.2.0, < 1.2.5fixed 1.2.5

    The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.