Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
packagist symfony/symfony Security Advisories
Loading...
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5Mmgtd21nMi02aHA3
Invalid HTTP method overrides allow possible XSS or other attacks in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnd2otcHJwcS1qcGMy
Symfony Service IDs Allow InjectionEcosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5Z3ItNThyMy1wd20z
Symfony Unsafe Cache Serialization Could Enable RCEEcosystems: packagist
Packages: symfony/symfony, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 4 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: about 2 years ago
GSA_kwCzR0hTQS1xOGhnLXBmOHYtY3hyds02BA
Symfony Http-Kernel has non-constant time comparison in UriSignerEcosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: about 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1NGgtNXIyNy03eDNy
RCE in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNWM1LTI4cGctMnFnNM4AAWke
Symfony Authentication BypassEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13dmo1LXI3OHItaGhmcc4AAWjw
Symfony Authentication BypassEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1xODd2LXE4ZnctZ21qNc4AAgyh
Symfony Incorrect Access ControlEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0cmMtcngyNS04bTg2
Improper Input Validation in SymfonyEcosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 4 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/mime, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoaDYtOTU2cS00cTY5
Argument injection in a MimeTypeGuesser in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/mime, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 4 years ago
High
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/security-bundle, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNGc3LXE3MjYtdjVoZ84AATux
Symfony CSRF Token FixationEcosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/security-bundle, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/validator
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1xOGo3LWZqaDctMjV2Nc3gFg
Symfony collectionCascaded and collectionCascadedDeeply fields security bypassEcosystems: packagist
Packages: symfony/symfony, symfony/validator
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
GSA_kwCzR0hTQS1xM2ozLXczN3gtaHEycc0YFQ
Webcache Poisoning in symfony/http-kernelEcosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 2 years ago
GSA_kwCzR0hTQS04d2dqLTZ3eDgtaDVocc3r4Q
Symfony HTTP Foundation web cache poisoningEcosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNHJnLXJ3NjUtOGhmZ84AAT6-
Symfony Session Fixation VulnerabilityEcosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0yMnB2LTd2OWotaHF4cM3grg
Symfony Host Header Injection vulnerability in the HttpFoundation componentEcosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1qang1LWZxNWctOHhwY84AAdU8
Symfony Cryptographic VulnerabilityEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core, symfony/symfony, symfony/phpunit-bridge, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyZnItNjV2cC1teHcz
Deserialization of untrusted data in SymfonyEcosystems: packagist
Packages: typo3/cms, typo3/cms-core, symfony/symfony, symfony/phpunit-bridge, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: about 4 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 1 year ago
GSA_kwCzR0hTQS1oN3ZmLTV3cnYtOWZods4AAxVO
Symfony storing cookie headers in HttpCacheEcosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1yMnJxLTNoNTYtZnFtNM4AATu7
Symfony DoSEcosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/intl
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNDlyLThnajYtNzY4cs4AAT5H
Symfony Directory TraversalEcosystems: packagist
Packages: symfony/symfony, symfony/intl
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http, symfony/security
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bTktNWhwZi1oeDcy
Firewall configured with unanimous strategy was not actually unanimous in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/security-http, symfony/security
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: about 4 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjaHgtbWZyYy1md3Fy
Improper authentication in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: about 4 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13aGd2LThjZzMtN2hjbc4AAdU9
Symphony Denial of Service Via Overlong UsernamesEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: almost 2 years ago
GSA_kwCzR0hTQS02NnA2LTdwMjktNTVwOc4AAVWh
Symfony Host Header InjectionEcosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/serializer
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: over 2 years ago
GSA_kwCzR0hTQS0yeGhnLXcyZzUtdzk1eM0YGA
CSV Injection in symfony/serializerEcosystems: packagist
Packages: symfony/symfony, symfony/serializer
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/form
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1jcXFoLTk0cjYtd2pyZ84AAV2m
Symfony SSRF Vulnerability via Form ComponentEcosystems: packagist
Packages: symfony/symfony, symfony/form
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmY2YtbTY3bS1qY3Jx
Authentication granted to all firewalls instead of just oneEcosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: almost 3 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: over 2 years ago
GSA_kwCzR0hTQS1xdzM2LXA5N3ctdmNxcs0YFw
Cookie persistence after password changes in symfony/security-bundleEcosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: about 1 year ago
GSA_kwCzR0hTQS0zZ3YyLTI5cWMtdjY3bc4AAxVN
Symfony vulnerable to Session Fixation of CSRF tokensEcosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/twig-bridge
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 6 months ago
GSA_kwCzR0hTQS1xODQ3LTJxNTctd21yM84AA3Cy
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filtersEcosystems: packagist
Packages: symfony/symfony, symfony/twig-bridge
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 6 months ago
GSA_kwCzR0hTQS1tMndqLXI2ZzMtZnhmeM4AA3Cx
Symfony possible session fixation vulnerabilityEcosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: symfony/security-bundle, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03aHdjLTJjcTQtNngyd84AAT5V
Symfony Open RedirectEcosystems: packagist
Packages: symfony/security-bundle, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1yN3A3LXFyN3AtMnJyZs4AAT52
Symfony Open RedirectEcosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 2 years ago
GSA_kwCzR0hTQS04OXIyLTVnMzQtMmc0N84AATfR
Symfony Open RedirectEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-csrf
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 2 years ago
GSA_kwCzR0hTQS05Mng2LWgyZ3ItOGd4cc4AASJF
Symfony CSRF VulnerabilityEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-csrf
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/webhook
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: 6 months ago
GSA_kwCzR0hTQS03MngyLTVjODUtNndtcs4AA3Cz
Symfony potential Cross-site Scripting in WebhookControllerEcosystems: packagist
Packages: symfony/symfony, symfony/webhook
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy
Symfony Cross-site Scripting (XSS) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 4 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/error-handler
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04ODQtMjc5aC0zMnYy
Exceptions displayed in non-debug configurations in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/error-handler
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 4 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwdjgtcHB2ai00aDY4
Prevent user enumeration using Guard or the new Authenticator-based SecurityEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: almost 3 years ago
Moderate
Ecosystems: packagist
Packages: symfony/form, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: almost 2 years ago
GSA_kwCzR0hTQS14M2NmLXc2NHgtNGNwMs4AATfM
Symfony Path DisclosureEcosystems: packagist
Packages: symfony/form, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cGMtNWp4NC1jZnFn
User enumeration leak using switch user functionality in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 4 years ago
Low
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jeDQtZjVmNS00ODU5
Prevent cache poisoning via a Response Content-Type header in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 4 years ago
Low
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1qNWpoLWhwcjQtaDMzMs4AAV_7
Symfony Session Fixation VulnerabilityEcosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/form
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nOTdjLWpmeDYteHZ4aM4AAcl9
Symfony Vulnerable to Timing AttackEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/form
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01YzU4LXc5eGMtcWNqOc4AAc0N
Symfony Vulnerable to PHP Eval InjectionEcosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xbXF3LW1wcXAtbXI1NM4AAcRE
Symfony Incorrect Access ControlEcosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/security, symfony/polyfill, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jcjQ5LWZ4MnYtOXA1N84AAd7g
Symfony Denial of Service Via Long Password HashingEcosystems: packagist
Packages: symfony/security, symfony/polyfill, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04M2MzLXF4MjctMnJ3cs4AAfXs
Symfony Allows URI Restrictions Bypass Via Double-Encoded StringEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcycWotcG14bS05Zjhm
User enumeration in authentication mechanismsEcosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
Ecosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0ycjVoLTZyN3YtNW03Y84AAZ6g
Symphony Vulnerable to PHP Code Injection via YAML ParsingEcosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04OWNwLWZ2Y2MtaHhoN84AAfYj
Symfony Access Control VulnerabilityEcosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03dzUzLWhmcHctcmczZ84AAZ60
Symfony Arbitrary PHP code ExecutionEcosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Statistics
Advisories: 18,303
Packages: 8,274
Repositories: 2
Ecosystems: 12
Packages: 8,274
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
moodle/moodle
318
magento/community-edition
182
pimcore/pimcore
116
dolibarr/dolibarr
105
typo3/cms
102
microweber/microweber
91
phpmyadmin/phpmyadmin
91
typo3/cms-core
73
thorsten/phpmyfaq
70
drupal/core
70
drupal/drupal
56
librenms/librenms
54
symfony/symfony
53
concrete5/concrete5
52
shopware/platform
48
baserproject/basercms
43
showdoc/showdoc
40
craftcms/cms
40
intelliants/subrion
40
nilsteampassnet/teampass
37
froxlor/froxlor
36
shopware/core
36
silverstripe/framework
32
snipe/snipe-it
32
mautic/core
28
centreon/centreon
27
shopware/shopware
27
getgrav/grav
27
magento/core
24
prestashop/prestashop
24
pocketmine/pocketmine-mp
23
remdex/livehelperchat
23
grumpydictator/firefly-iii
22
getkirby/cms
22
contao/core-bundle
21
contao/contao
18
tribalsystems/zenario
18
forkcms/forkcms
18
cakephp/cakephp
17
symfony/security
17
genix/cms
17
cockpit-hq/cockpit
17
francoisjacquet/rosariosis
17
simplesamlphp/simplesamlphp
17
yetiforce/yetiforce-crm
16
topthink/framework
15
openmage/magento-lts
15
symfony/security-http
14
typo3/cms-backend
14
zendframework/zendframework1
14
ezsystems/ezpublish-kernel
14
ec-cube/ec-cube
14
phpmailer/phpmailer
14
smarty/smarty
14
elefant/cms
13
codeigniter4/framework
13
impresscms/impresscms
13
october/system
13
lavalite/cms
13
phpmyfaq/phpmyfaq
12
studio-42/elfinder
12
dompdf/dompdf
12
bolt/bolt
12
phpbb/phpbb
12
zendframework/zendframework
11
feehi/cms
11
feehi/feehicms
11
silverstripe/cms
11
pimcore/admin-ui-classic-bundle
10
admidio/admidio
10
opencart/opencart
10
pagekit/pagekit
10
wallabag/wallabag
10
ezsystems/ezplatform-kernel
10
sylius/sylius
10
wwbn/avideo
10
nukeviet/nukeviet
10
laravel/framework
10
TinyMCE
9
tinymce
9
tinymce/tinymce
9
alextselegidis/easyappointments
9
concrete5/core
9
kevinpapst/kimai2
9
october/october
9
ssddanbrown/bookstack
9
funadmin/funadmin
9
gilacms/gila
8
sulu/sulu
8
codiad/codiad
8
yiisoft/yii2
8
october/cms
8
facturascripts/facturascripts
8
pimcore/customer-management-framework-bundle
8
croogo/croogo
8
flarum/core
7
statamic/cms
7
symfony/http-foundation
7
silverstripe/graphql
7
silverstripe/admin
7
october/backend
7
symfony/http-kernel
6
composer/composer
6
yiisoft/yii2-dev
6
zoujingli/thinkadmin
6
bagisto/bagisto
6
guzzlehttp/guzzle
6
directmailteam/direct-mail
6
wpglobus/wpglobus
6
pterodactyl/panel
6
nystudio107/craft-seomatic
6
dweeves/magmi
6
contao/core
6
yourls/yourls
6
in2code/femanager
6
backdrop/backdrop
6
automad/automad
5
elgg/elgg
5
symfony/security-core
5
cachethq/cachet
5
gleez/cms
5
phpseclib/phpseclib
5
simplesamlphp/saml2
5
vrana/adminer
5
ezsystems/ezplatform-admin-ui
5
silverstripe/assets
5
thinkcmf/thinkcmf
5
phpxmlrpc/phpxmlrpc
5
billz/raspap-webgui
5
typo3/cms-install
5
oro/platform
5
anchorcms/anchor-cms
5
bottelet/flarepoint
5
pear/archive_tar
5
gugoan/economizzer
5
ibexa/core
5
oro/commerce
4
bytefury/crater
4
modx/revolution
4
appwrite/server-ce
4
evolutioncms/evolution
4
notrinos/notrinos-erp
4
shopware/storefront
4
phpservermon/phpservermon
4
wp-premium/gravityforms
4
pyrocms/pyrocms
4
magento/product-community-edition
4
bref/bref
4
typo3/cms-frontend
4
codeigniter4/shield
4
woocommerce/woocommerce
4
wintercms/winter
4
idno/known
4
spatie/browsershot
4
typo3/html-sanitizer
4
symfony/security-bundle
4
joomla/joomla-cms
3
prestashop/productcomments
3
processwire/processwire
3
quickapps/cms
3
mantisbt/mantisbt
3
phpoffice/phpspreadsheet
3
ckeditor4
3
joomla/framework
3
codeigniter/framework
3
symfony/form
3
illuminate/database
3
zencart/zencart
3
typo3/cms-form
3
qcubed/qcubed
3
verbb/comments
3
icecoder/icecoder
3
yiisoft/yii
3
flarum/framework
3
shopxo/shopxo
3
rudloff/alltube
3
enshrined/svg-sanitize
3
enhavo/enhavo-app
3
phenx/php-svg-lib
3
facade/ignition
3
tecnickcom/tcpdf
3
artesaos/seotools
3
sylius/resource-bundle
3
ezsystems/ezpublish-legacy
3
buddypress/buddypress
3
bbpress/bbpress
3
adodb/adodb-php
3
kimai/kimai
3
froala/wysiwyg-editor
3
limesurvey/limesurvey
3
apache-solr-for-typo3/solr
3
verot/class.upload.php
3
zendframework/zendopenid
3
zendframework/zendrest
3
zendframework/zendservice-audioscrobbler
3
uvdesk/community-skeleton
3
zendframework/zendservice-nirvanix
3
zendframework/zendservice-amazon
3
zendframework/zendservice-api
3
zendframework/zendservice-slideshare
3
Filter by Repository