An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

symfony/symfony

packagist · The Symfony PHP framework · Repository · Package

Moderate
11 months ago

Symfony allows changing the environment through a query GSA_kwCzR0hTQS14OHZwLWdmNHEtbXc1as4ABBBb

packagist symfony/symfony, symfony/runtime
High
over 1 year ago

Symfony Cross-Site Request Forgery vulnerability in the Web Profiler GSA_kwCzR0hTQS12MzVnLTRycnctaDRmd84AA8jj

packagist symfony/web-profiler-bundle, symfony/symfony
Moderate
over 1 year ago

Symfony has unsafe methods in the Request class GSA_kwCzR0hTQS1wNjg0LWY3ZmgtanYyas4AA8jb

packagist symfony/symfony, symfony/http-foundation
Moderate
over 1 year ago

Symfony has a security issue when parsing the Authorization header GSA_kwCzR0hTQS1oN3YyLTJxd2ctaDgyOc4AA8ja

packagist symfony/symfony, symfony/http-foundation
Moderate
over 1 year ago

Symfony2 security issue when the trust proxy mode is enabled GSA_kwCzR0hTQS12Zm02LXIyZ2MtcHd3d84AA8jY

packagist symfony/symfony, symfony/http-foundation
Moderate
almost 2 years ago

Symfony potential Cross-site Scripting in WebhookController GSA_kwCzR0hTQS03MngyLTVjODUtNndtcs4AA3Cz

packagist symfony/symfony, symfony/webhook
Moderate
almost 2 years ago

Symfony possible session fixation vulnerability GSA_kwCzR0hTQS1tMndqLXI2ZzMtZnhmeM4AA3Cx

packagist symfony/symfony, symfony/security-http
Moderate
over 2 years ago

Symfony storing cookie headers in HttpCache GSA_kwCzR0hTQS1oN3ZmLTV3cnYtOWZods4AAxVO

packagist symfony/symfony, symfony/http-kernel
Moderate
over 2 years ago

Symfony vulnerable to Session Fixation of CSRF tokens GSA_kwCzR0hTQS0zZ3YyLTI5cWMtdjY3bc4AAxVN

packagist symfony/symfony, symfony/security-bundle
Critical
over 3 years ago

Symfony Incorrect Access Control GSA_kwCzR0hTQS1xODd2LXE4ZnctZ21qNc4AAgyh

packagist symfony/symfony, symfony/security, symfony/security-core
Moderate
over 3 years ago

Symfony Allows URI Restrictions Bypass Via Double-Encoded String GSA_kwCzR0hTQS04M2MzLXF4MjctMnJ3cs4AAfXs

packagist symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Moderate
over 3 years ago

Symfony Denial of Service Via Long Password Hashing GSA_kwCzR0hTQS1jcjQ5LWZ4MnYtOXA1N84AAd7g

packagist symfony/security, symfony/polyfill, symfony/symfony
High
over 3 years ago

Symfony Cryptographic Vulnerability GSA_kwCzR0hTQS1qang1LWZxNWctOHhwY84AAdU8

packagist symfony/symfony, symfony/security, symfony/security-core
High
over 3 years ago

Symphony Denial of Service Via Overlong Usernames GSA_kwCzR0hTQS13aGd2LThjZzMtN2hjbc4AAdU9

packagist symfony/symfony, symfony/security, symfony/security-http
Moderate
over 3 years ago

Symfony Vulnerable to PHP Eval Injection GSA_kwCzR0hTQS01YzU4LXc5eGMtcWNqOc4AAc0N

packagist symfony/http-kernel, symfony/symfony
High
over 3 years ago

Symfony Vulnerable to Timing Attack GSA_kwCzR0hTQS1nOTdjLWpmeDYteHZ4aM4AAcl9

packagist symfony/symfony, symfony/security, symfony/security-http, symfony/form
Moderate
over 3 years ago

Symfony Incorrect Access Control GSA_kwCzR0hTQS1xbXF3LW1wcXAtbXI1NM4AAcRE

packagist symfony/http-kernel, symfony/symfony
High
over 3 years ago

Symfony Arbitrary PHP code Execution GSA_kwCzR0hTQS03dzUzLWhmcHctcmczZ84AAZ60

packagist symfony/yaml, symfony/symfony
Critical
over 3 years ago

Symfony Authentication Bypass GSA_kwCzR0hTQS0zNWM1LTI4cGctMnFnNM4AAWke

packagist symfony/symfony, symfony/security, symfony/security-core
Critical
over 3 years ago

Symfony Authentication Bypass GSA_kwCzR0hTQS13dmo1LXI3OHItaGhmcc4AAWjw

packagist symfony/symfony, symfony/security, symfony/security-core
Moderate
over 3 years ago

Symfony SSRF Vulnerability via Form Component GSA_kwCzR0hTQS1jcXFoLTk0cjYtd2pyZ84AAV2m

packagist symfony/symfony, symfony/form
High
over 3 years ago

Symfony Host Header Injection GSA_kwCzR0hTQS02NnA2LTdwMjktNTVwOc4AAVWh

packagist symfony/symfony
Moderate
over 3 years ago

Symfony Open Redirect GSA_kwCzR0hTQS1yN3A3LXFyN3AtMnJyZs4AAT52

packagist symfony/symfony
High
over 3 years ago

Symfony Directory Traversal GSA_kwCzR0hTQS1jNDlyLThnajYtNzY4cs4AAT5H

packagist symfony/symfony, symfony/intl
Moderate
over 3 years ago

Symfony Open Redirect GSA_kwCzR0hTQS03aHdjLTJjcTQtNngyd84AAT5V

packagist symfony/symfony
Moderate
over 3 years ago

Symfony DoS GSA_kwCzR0hTQS1yMnJxLTNoNTYtZnFtNM4AATu7

packagist symfony/symfony
High
over 3 years ago

Symfony CSRF Token Fixation GSA_kwCzR0hTQS1nNGc3LXE3MjYtdjVoZ84AATux

packagist symfony/symfony
Moderate
over 3 years ago

Symfony Open Redirect GSA_kwCzR0hTQS04OXIyLTVnMzQtMmc0N84AATfR

packagist symfony/symfony, symfony/security, symfony/security-http
Moderate
over 3 years ago

Symfony Path Disclosure GSA_kwCzR0hTQS14M2NmLXc2NHgtNGNwMs4AATfM

packagist symfony/symfony
Moderate
over 3 years ago

Symfony CSRF Vulnerability GSA_kwCzR0hTQS05Mng2LWgyZ3ItOGd4cc4AASJF

packagist symfony/symfony, symfony/security, symfony/security-csrf
Moderate
almost 4 years ago

CSV Injection in symfony/serializer GSA_kwCzR0hTQS0yeGhnLXcyZzUtdzk1eM0YGA

packagist symfony/symfony
Moderate
over 4 years ago

Prevent user enumeration using Guard or the new Authenticator-based Security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwdjgtcHB2ai00aDY4

packagist symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
High
about 5 years ago

RCE in Symfony MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1NGgtNXIyNy03eDNy

packagist symfony/symfony, symfony/http-kernel
High
over 5 years ago

Improper authentication in Symfony MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjaHgtbWZyYy1md3Fy

packagist symfony/symfony, symfony/security, symfony/security-http
Critical
over 5 years ago

Improper Input Validation in Symfony MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0cmMtcngyNS04bTg2

packagist symfony/var-exporter, symfony/symfony
High
almost 6 years ago

Argument injection in a MimeTypeGuesser in Symfony MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoaDYtOTU2cS00cTY5

packagist symfony/symfony, symfony/mime, symfony/http-foundation