The patch released last week for CVE-2024-50342 was incomplete. New versions have just been released to address it.
Published in
#Security Advisories
Update for CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient
November 13, 2024
•
Published by
Fabien Potencier
Have found a security issue in Symfony? Send the details to
security [at] symfony.com and don't
disclose it publicly until we can provide a fix for it.
Manage your notification preferences to receive an email as soon as a Symfony security release is published.
Help the Symfony project!
As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.
Comments are closed.
To ensure that comments stay relevant, they are closed for old posts.