{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37963?format=json","vulnerability_id":"VCID-ty9b-xe8v-r7ag","summary":"Session Fixation\nSession fixation vulnerability in the `Remember Me` login feature in Symfony allows remote attackers to hijack web sessions via a session id.","aliases":[{"alias":"CVE-2015-8124"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52446?format=json","purl":"pkg:composer/symfony/security@2.3.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.3.35"},{"url":"http://public2.vulnerablecode.io/api/packages/52447?format=json","purl":"pkg:composer/symfony/security@2.6.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.6.12"},{"url":"http://public2.vulnerablecode.io/api/packages/52448?format=json","purl":"pkg:composer/symfony/security@2.7.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.7"},{"url":"http://public2.vulnerablecode.io/api/packages/52436?format=json","purl":"pkg:composer/symfony/security-http@2.6.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@2.6.12"},{"url":"http://public2.vulnerablecode.io/api/packages/52437?format=json","purl":"pkg:composer/symfony/security-http@2.7.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@2.7.7"},{"url":"http://public2.vulnerablecode.io/api/packages/52430?format=json","purl":"pkg:composer/symfony/symfony@2.3.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.3.35"},{"url":"http://public2.vulnerablecode.io/api/packages/52431?format=json","purl":"pkg:composer/symfony/symfony@2.6.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.6.12"},{"url":"http://public2.vulnerablecode.io/api/packages/52432?format=json","purl":"pkg:composer/symfony/symfony@2.7.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.7"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52112?format=json","purl":"pkg:composer/symfony/security@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-rkap-39hu-abe9"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"},{"vulnerability":"VCID-x4nv-gvag-7qf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52444?format=json","purl":"pkg:composer/symfony/security@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"},{"vulnerability":"VCID-x4nv-gvag-7qf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52445?format=json","purl":"pkg:composer/symfony/security@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23hr-yznx-c3fb"},{"vulnerability":"VCID-djnm-e9r4-c3f5"},{"vulnerability":"VCID-dsbx-q641-4fc7"},{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52434?format=json","purl":"pkg:composer/symfony/security-http@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52435?format=json","purl":"pkg:composer/symfony/security-http@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23hr-yznx-c3fb"},{"vulnerability":"VCID-ef86-hqv4-6kaz"},{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-vyug-krcw-jyef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@2.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/51542?format=json","purl":"pkg:composer/symfony/symfony@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-emn6-zmp1-yuhr"},{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-rkap-39hu-abe9"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52428?format=json","purl":"pkg:composer/symfony/symfony@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/52429?format=json","purl":"pkg:composer/symfony/symfony@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1y96-v19f-tkgg"},{"vulnerability":"VCID-23hr-yznx-c3fb"},{"vulnerability":"VCID-6c6t-kmb3-2qcm"},{"vulnerability":"VCID-7m45-bvbn-4qd3"},{"vulnerability":"VCID-dsbx-q641-4fc7"},{"vulnerability":"VCID-gjuz-mjah-e3bj"},{"vulnerability":"VCID-ty9b-xe8v-r7ag"},{"vulnerability":"VCID-uk5a-g7em-gygd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.0"}],"references":[{"reference_url":"https://symfony.com/cve-2015-8124","reference_id":"CVE-2015-8124","reference_type":"","scores":[],"url":"https://symfony.com/cve-2015-8124"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ty9b-xe8v-r7ag"}