title: "CVE-2018-11406: CSRF Token Fixation"
link: https://symfony.com/cve-2018-11406
cve: CVE-2018-11406
branches:
2.4.x:
time: 2018-05-25 11:46:22
versions: ['>=2.4.0', '<2.7.48']
2.5.x:
time: 2018-05-25 11:46:22
versions: ['>=2.5.0', '<2.7.48']
2.6.x:
time: 2018-05-25 11:46:22
versions: ['>=2.6.0', '<2.7.48']
2.7.x:
time: 2018-05-25 11:46:22
versions: ['>=2.7.0', '<2.7.48']
2.8.x:
time: 2018-05-25 12:12:59
versions: ['>=2.8.0', '<2.8.41']
3.0.x:
time: 2018-05-25 12:44:29
versions: ['>=3.0.0', '<3.1.0']
3.1.x:
time: 2018-05-25 12:44:29
versions: ['>=3.1.0', '<3.2.0']
3.2.x:
time: 2018-05-25 12:44:29
versions: ['>=3.2.0', '<3.3.0']
3.3.x:
time: 2018-05-25 12:44:29
versions: ['>=3.3.0', '<3.3.17']
3.4.x:
time: 2018-05-25 13:17:43
versions: ['>=3.4.0', '<3.4.11']
4.0.x:
time: 2018-05-25 14:04:47
versions: ['>=4.0.0', '<4.0.11']
reference: composer://symfony/security-csrf
|