[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"vulnerability-29112":17,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":47},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},{"id":18,"detectable_with":19,"vuln_details":26,"vuln_id":44,"name":45,"published":46,"updated":27},29112,{"tool":20,"engine":23},{"id":21,"name":22},1,"Network Scanner",{"id":24,"name":25},2,"Nuclei",{"id":18,"codename":27,"description":27,"severity":28,"risk_description":29,"public_description":30,"public_recommendation":31,"recommendation":27,"references":32,"cvssv3":37,"epss_score":38,"epss_percentile":39,"cve":40,"in_cisa_catalog":42,"date":43,"software_type":27,"vendor":27,"product":27,"ptt_exploit_capabilities":27},null,"high","Attackers can bypass access control rules, potentially gaining unauthorized access to restricted resources.","Symfony HttpFoundation component >= 2.0.0 and prior to versions 5.4.50, 6.4.29, and 7.3.7 contains an access control bypass vulnerability. The Request class improperly interprets some PATH_INFO values, producing URL paths without a leading `/`. This allows bypassing access control rules that are built with the `/-prefix` assumption.","Update to Symfony versions 5.4.50, 6.4.29, or 7.3.7 or later.",[33,34,35,36],"https://github.com/symfony/symfony/security/advisories/GHSA-3rg7-wf37-54rm","https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass","https://github.com/symfony/symfony/commit/9962b91b12bb791322fa73836b350836b6db7cac","https://nvd.nist.gov/vuln/detail/CVE-2025-64500",7.3,0.03928,0.88291,[41],"CVE-2025-64500",false,"2025-11-12T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2025-64500","Symfony HttpFoundation - Access Control Bypass via PATH_INFO","2026-04-03T00:00:00Z",["Island",48],{"key":49,"params":50,"result":52},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":51},"{\"text-color\":\"gray\"}",{"head":53},{}]