CVE-2024-36610 – A deserialization vulnerability exists in the Stub

CVE ID : CVE-2024-36610

Published : Nov. 29, 2024, 8:15 p.m. | 16 hours, 1 minute ago

Description : A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-36610 – A deserialization vulnerability exists in the Stub