github · advisory-database · Dec 3, 2024 · Dec 3, 2024 · stof · Dec 3, 2024
diff --git a/advisories/github-reviewed/2024/11/GHSA-7q22-x757-cmgc/GHSA-7q22-x757-cmgc.json b/advisories/github-reviewed/2024/11/GHSA-7q22-x757-cmgc/GHSA-7q22-x757-cmgc.json
@@ -1,17 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7q22-x757-cmgc",
-  "modified": "2024-12-02T20:21:10Z",
+  "modified": "2024-12-02T20:21:11Z",
   "published": "2024-11-29T21:31:03Z",
   "aliases": [
     "CVE-2024-36611"
   ],
   "summary": "Symfony http-security has authentication bypass",
-  "details": "In Symfony, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service.",
+  "details": "no security issue.\nFlase report",
-  "details": "no security issue.\nFlase report",
+  "details": "no security issue.\nFalse report",
-  "details": "no security issue.\nFlase report",
+  "details": "no security issue.\nFalse report",
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"
+      "score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
     }
   ],
   "affected": [
@@ -28,7 +28,7 @@
               "introduced": "0"
             },
             {
-              "fixed": "7.1.0"
+              "fixed": "0.0.0"
             }
           ]
         }
@@ -57,7 +57,7 @@
     "cwe_ids": [
       "CWE-287"
     ],
-    "severity": "MODERATE",
+    "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2024-12-02T20:21:10Z",
     "nvd_published_at": "2024-11-29T19:15:06Z"