Moderate Security Advisories for symfony/symfony in packagist Clear Filters
Moderate
over 1 year ago
Symfony may allow a user to switch to using another user's identity
packagist
symfony/symfony
Moderate
over 1 year ago
Symfony has unsafe methods in the Request class
packagist
symfony/symfony, symfony/http-foundation
Moderate
over 1 year ago
Symfony has a security issue when parsing the Authorization header
packagist
symfony/symfony, symfony/http-foundation
Moderate
over 1 year ago
Symfony2 security issue when the trust proxy mode is enabled
packagist
symfony/symfony, symfony/http-foundation
Moderate
about 2 years ago
Symfony potential Cross-site Scripting in WebhookController
packagist
symfony/symfony, symfony/webhook
Moderate
about 2 years ago
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
packagist
symfony/symfony, symfony/twig-bridge
Moderate
about 2 years ago
Symfony possible session fixation vulnerability
packagist
symfony/symfony, symfony/security-http
Moderate
almost 3 years ago
Symfony storing cookie headers in HttpCache
packagist
symfony/symfony, symfony/http-kernel
Moderate
almost 3 years ago
Symfony vulnerable to Session Fixation of CSRF tokens
packagist
symfony/symfony, symfony/security-bundle
Moderate
over 3 years ago
Symfony Allows URI Restrictions Bypass Via Double-Encoded String
packagist
symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Moderate
over 3 years ago
Symfony Denial of Service Via Long Password Hashing
packagist
symfony/security, symfony/polyfill, symfony/symfony
Moderate
over 3 years ago
Symfony Vulnerable to PHP Eval Injection
packagist
symfony/http-kernel, symfony/symfony
Moderate
over 3 years ago
Symfony Incorrect Access Control
packagist
symfony/http-kernel, symfony/symfony
Moderate
over 3 years ago
Symfony SSRF Vulnerability via Form Component
packagist
symfony/symfony, symfony/form
Moderate
over 3 years ago
Symfony Open Redirect
packagist
symfony/symfony, symfony/security, symfony/security-http
Moderate
over 3 years ago
Symfony CSRF Vulnerability
packagist
symfony/symfony, symfony/security, symfony/security-csrf
Moderate
over 3 years ago
Symfony Host Header Injection vulnerability in the HttpFoundation component
packagist
symfony/symfony
Moderate
over 4 years ago
Authentication granted to all firewalls instead of just one
packagist
symfony/symfony, symfony/security-http
Moderate
over 4 years ago
Prevent user enumeration using Guard or the new Authenticator-based Security
packagist
symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Moderate
over 5 years ago
Exceptions displayed in non-debug configurations in Symfony
packagist
symfony/symfony, symfony/error-handler
Moderate
about 6 years ago
User enumeration leak using switch user functionality in Symfony
packagist
symfony/symfony, symfony/security-http
Moderate
about 6 years ago
Symfony Cross-site Scripting (XSS) vulnerability
packagist
drupal/core, symfony/symfony, symfony/framework-bundle