CVE-2024-36610

Name of the Vulnerable Software and Affected Versions Symfony version 7.0.3

Description A deserialization vulnerability is reported to exist in the Stub class of the VarDumper module in Symfony. The issue stems from deficiencies in handling properties with null or uninitialized values, potentially allowing an attacker to construct specific serialized data and execute unauthorized code. However, it has been concluded that this is a false report.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.