
We found results for “”
CVE-2014-6061
Date: August 19, 2025
Symfony before 2.3.19, 2.4.9, 2.5.4 is vulnerable to security issue when parsing the Authorization header. When an application uses an HTTP basic or digest authentication, Symfony does not parse the Authorization header properly, which could be exploited in some server setups (no exploits have been demonstrated though.)
Language: PHP
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Improper Input Validation
CWE-20CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |