{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T08:35:55.010","vulnerabilities":[{"cve":{"id":"CVE-2024-50342","sourceIdentifier":"security-advisories@github.com","published":"2024-11-06T21:15:05.963","lastModified":"2026-01-12T17:45:24.250","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"symfony/http-client es un módulo para el framework PHP Symphony que proporciona métodos potentes para obtener recursos HTTP de forma sincrónica o asincrónica. Al utilizar `NoPrivateNetworkHttpClient`, todavía se filtra cierta información interna durante la resolución del host, lo que lleva a una posible enumeración de IP/puerto. A partir de las versiones 5.4.46, 6.4.14 y 7.1.7, `NoPrivateNetworkHttpClient` ahora filtra las IP bloqueadas antes para evitar dichas filtraciones. Se recomienda a todos los usuarios que actualicen la versión. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sensiolabs:httpclient:*:*:*:*:*:*:*:*","versionEndExcluding":"5.4.46","matchCriteriaId":"DCD522A1-414A-4E9D-8CD3-1AF7381721D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sensiolabs:httpclient:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.4.14","matchCriteriaId":"3995A623-DA0E-45DC-8BB2-AC4FF8645E8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sensiolabs:httpclient:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.1.7","matchCriteriaId":"850FABC0-EBDC-46A8-92B2-2B73C1FDD7D6"}]}]}],"references":[{"url":"https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}