Vulnerabilities (CVE)

Filtered by vendor Friends Of Symfony Project Subscribe
Filtered by product Fosuserbundle
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-5750 1 Friends Of Symfony Project 1 Fosuserbundle 2024-11-21 5.0 MEDIUM N/A
The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation.