Packagist (Composer) package
lexik/jwt-authentication-bundle
pkg:composer/lexik/jwt-authentication-bundle
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21424 | — | >= 2.0.0, < 2.10.7 | 2.10.7 | May 13, 2021 | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch user |
- CVE-2021-21424May 13, 2021affected >= 2.0.0, < 2.10.7fixed 2.10.7
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch user