CVE-2019-18889: Injection Vulnerability

November 21, 2019 (updated December 2, 2019)

An issue was discovered in Symfony. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.

References

symfony.com/cve-2019-18889

Detect and mitigate CVE-2019-18889 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →