Browse Security Advisories
Moderate Security Advisories for symfony/symfony in packagist Clear Filters
Moderate
10 months ago
Symfony allows changing the environment through a query
packagist
symfony/symfony, symfony/runtime
Moderate
about 1 year ago
Symfony may allow a user to switch to using another user's identity
packagist
symfony/symfony
Moderate
about 1 year ago
Symfony has unsafe methods in the Request class
packagist
symfony/symfony, symfony/http-foundation
Moderate
about 1 year ago
Symfony has a security issue when parsing the Authorization header
packagist
symfony/symfony, symfony/http-foundation
Moderate
about 1 year ago
Symfony2 security issue when the trust proxy mode is enabled
packagist
symfony/symfony, symfony/http-foundation
Moderate
almost 2 years ago
Symfony potential Cross-site Scripting in WebhookController
packagist
symfony/symfony, symfony/webhook
Moderate
almost 2 years ago
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
packagist
symfony/symfony, symfony/twig-bridge
Moderate
almost 2 years ago
Symfony possible session fixation vulnerability
packagist
symfony/symfony, symfony/security-http
Moderate
over 2 years ago
Symfony storing cookie headers in HttpCache
packagist
symfony/symfony, symfony/http-kernel
Moderate
over 2 years ago
Symfony vulnerable to Session Fixation of CSRF tokens
packagist
symfony/symfony, symfony/security-bundle
Moderate
over 3 years ago
Symfony Allows URI Restrictions Bypass Via Double-Encoded String
packagist
symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Moderate
over 3 years ago
Symfony Denial of Service Via Long Password Hashing
packagist
symfony/security, symfony/polyfill, symfony/symfony
Moderate
over 3 years ago
Symfony Vulnerable to PHP Eval Injection
packagist
symfony/http-kernel, symfony/symfony
Moderate
over 3 years ago
Symfony Incorrect Access Control
packagist
symfony/http-kernel, symfony/symfony
Moderate
over 3 years ago
Symfony SSRF Vulnerability via Form Component
packagist
symfony/symfony, symfony/form
Moderate
over 3 years ago
Symfony Open Redirect
packagist
symfony/security, symfony/security-http, symfony/symfony
Moderate
over 3 years ago
Symfony Open Redirect
packagist
symfony/symfony, symfony/security, symfony/security-http
Moderate
over 3 years ago
Symfony CSRF Vulnerability
packagist
symfony/symfony, symfony/security, symfony/security-csrf
Moderate
over 3 years ago
Symfony HTTP Foundation web cache poisoning
packagist
symfony/symfony, symfony/http-foundation
Moderate
over 3 years ago
Symfony Host Header Injection vulnerability in the HttpFoundation component
packagist
symfony/http-foundation, symfony/symfony
Moderate
over 3 years ago
CSV Injection in symfony/serializer
packagist
symfony/symfony, symfony/serializer
Moderate
over 3 years ago
Cookie persistence after password changes in symfony/security-bundle
packagist
symfony/symfony, symfony/security-bundle
Moderate
over 3 years ago
Webcache Poisoning in symfony/http-kernel
packagist
symfony/symfony, symfony/http-kernel
Moderate
about 4 years ago
Authentication granted to all firewalls instead of just one
packagist
symfony/symfony, symfony/security-http
Moderate
over 4 years ago
Prevent user enumeration using Guard or the new Authenticator-based Security
packagist
symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Moderate
over 5 years ago
Exceptions displayed in non-debug configurations in Symfony
packagist
symfony/symfony, symfony/error-handler
Moderate
over 5 years ago
User enumeration leak using switch user functionality in Symfony
packagist
symfony/symfony, symfony/security-http
Moderate
almost 6 years ago
Symfony Cross-site Scripting (XSS) vulnerability
packagist
drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Filter by Severity
Filter by Ecosystem
maven
3,224
packagist
3,022
pypi
2,050
npm
1,365
go
1,312
nuget
660
rubygems
442
cargo
414
hex
16
swift
14
actions
7
pub
3
Filter by Package
moodle/moodle
307
magento/community-edition
167
typo3/cms
129
pimcore/pimcore
87
typo3/cms-core
74
microweber/microweber
72
silverstripe/framework
68
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
55
drupal/core
54
magento/project-community-edition
51
thorsten/phpmyfaq
47
concrete5/concrete5
46
librenms/librenms
43
drupal/drupal
42
showdoc/showdoc
34
mantisbt/mantisbt
33
symfony/symfony
33
craftcms/cms
30
baserproject/basercms
26
intelliants/subrion
26
snipe/snipe-it
25
mautic/core
24
shopware/platform
23
nilsteampassnet/teampass
21
grumpydictator/firefly-iii
20
froxlor/froxlor
20
mediawiki/core
20
shopware/shopware
19
remdex/livehelperchat
18
zendframework/zendframework1
17
shopware/core
17
getkirby/cms
17
yetiforce/yetiforce-crm
15
prestashop/prestashop
15
tribalsystems/zenario
13
forkcms/forkcms
13
contao/core-bundle
13
wallabag/wallabag
12
simplesamlphp/simplesamlphp
12
phpoffice/phpexcel
11
genix/cms
11
laravel/framework
11
tinymce
11
getgrav/grav
11
tinymce/tinymce
11
TinyMCE
11
ec-cube/ec-cube
11
feehi/feehicms
11
lavalite/cms
11
bolt/bolt
10
silverstripe/cms
10
francoisjacquet/rosariosis
10
opencart/opencart
10
typo3/cms-backend
10
phpoffice/phpspreadsheet
10
zendframework/zendframework
10
pimcore/admin-ui-classic-bundle
9
bootstrap
9
sylius/sylius
9
bootstrap
9
bootstrap
9
twbs/bootstrap
9
org.webjars:bootstrap
9
cakephp/cakephp
9
sulu/sulu
8
impresscms/impresscms
8
centreon/centreon
8
contao/contao
8
phpbb/phpbb
8
phpmyfaq/phpmyfaq
8
croogo/croogo
7
symfony/http-foundation
7
bootstrap-sass
7
kevinpapst/kimai2
7
leantime/leantime
7
feehi/cms
7
silverstripe/admin
7
alextselegidis/easyappointments
7
pimcore/customer-management-framework-bundle
7
in2code/femanager
7
bootstrap.sass
7
admidio/admidio
7
modx/revolution
7
cockpit-hq/cockpit
7
pocketmine/pocketmine-mp
6
bootstrap-sass
6
symfony/security
6
magento/core
6
dompdf/dompdf
6
spatie/browsershot
6
starcitizentools/citizen-skin
6
elefant/cms
6
backdrop/backdrop
6
facturascripts/facturascripts
6
wpglobus/wpglobus
6
symfony/security-http
6
pagekit/pagekit
6
pterodactyl/panel
5
redaxo/source
5
ssddanbrown/bookstack
5
yiisoft/yii2
5
in2code/powermail
5
nukeviet/nukeviet
5
phpservermon/phpservermon
5
tecnickcom/tcpdf
5
limesurvey/limesurvey
5
ezsystems/ezplatform-admin-ui
5
directmailteam/direct-mail
5
oro/platform
5
evolutioncms/evolution
4
contao/core
4
drupal/ai
4
openmage/magento-lts
4
woocommerce/woocommerce
4
symfony/http-kernel
4
october/cms
4
elgg/elgg
4
neos/flow
4
october/system
4
oro/commerce
4
mautic/core-lib
4
froala/wysiwyg-editor
4
silverstripe/graphql
4
flarum/core
4
shopxo/shopxo
4
typo3/html-sanitizer
4
getformwork/formwork
4
concrete5/core
4
october/october
4
bagisto/bagisto
4
ezsystems/ezpublish-legacy
4
thinkcmf/thinkcmf
4
silverstripe/assets
4
typo3/flow
4
phpxmlrpc/phpxmlrpc
4
dweeves/magmi
4
passbolt/passbolt_api
4
dcat/laravel-admin
4
codeigniter4/shield
4
moonshine/moonshine
4
ezyang/htmlpurifier
4
gleez/cms
4
yourls/yourls
4
smarty/smarty
4
joomla/joomla-cms
4
gilacms/gila
4
artesaos/seotools
3
zendframework/zendopenid
3
zendframework/zendservice-audioscrobbler
3
wp-premium/gravityforms
3
enshrined/svg-sanitize
3
flarum/framework
3
ckeditor/ckeditor
3
yui
3
ezsystems/ezpublish-kernel
3
ckeditor4
3
zendframework/zendservice-technorati
3
zendframework/zendrest
3
verbb/formie
3
drupal/core-recommended
3
jquery-rails
3
unopim/unopim
3
wwbn/avideo
3
anchorcms/anchor-cms
3
shopware/storefront
3
api-platform/core
3
icecoder/icecoder
3
enhavo/enhavo-app
3
pixelfed/pixelfed
3
idno/known
3
codeigniter4/framework
3
bottelet/flarepoint
3
ibexa/admin-ui
3
league/commonmark
3
yiisoft/yii2-dev
3
ezsystems/ezplatform-kernel
3
django-tinymce
3
org.webjars.npm:jquery
3
typo3/cms-install
3
neos/neos
3
jquery
3
zendframework/zendservice-windowsazure
3
zendframework/zendservice-amazon
3
ezsystems/ezplatform-admin-ui-assets
3
zendframework/zendservice-nirvanix
3
zendframework/zendservice-api
3
phpmailer/phpmailer
3
twig/twig
3
illuminate/auth
3
verbb/comments
3
bref/bref
3
friendsofsymfony/user-bundle
3
symfony/security-bundle
3
reportico-web/reportico
3
zendframework/zendservice-slideshare
3
prestashop/blockreassurance
2
austintoddj/canvas
2
org.webjars.npm:bootstrap
2
statamic/cms
2