Created May 10, 2016 15:29
Don't forget to run vendor/bin/security-checker security:check
+ vendor/bin/security-checker security:check
Security Check Report
~~~~~~~~~~~~~~~~~~~~~
Checked file: <http://jenkins.secretservice.com/job/JamesBondJob/ws/composer.lock>
[CRITICAL]
1 package has known vulnerabilities
symfony/symfony (v3.0.5)
------------------------
* CVE-2016-2403: CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password
  http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password
* CVE-2016-4423: CVE-2016-4423: Large username storage in session
  http://symfony.com/blog/cve-2016-4423-large-username-storage-in-session
            This checker can only detect vulnerabilities that are referenced
 Disclaimer in the SensioLabs security advisories database. Execute this
            command regularly to check the newly discovered vulnerabilities.