pkg:Packagist/symfony/security

17 total CVEsCRITICAL3HIGH6MEDIUM4LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2017-11365Symfony Incorrect Access Control
    >= 2.7.30, < 2.7.32
  • CRITICAL9.8CVE-2018-11407Symfony Authentication Bypass
    >= 2.8.0, < 2.8.37
  • CRITICAL9.8CVE-2016-2403symfony - security update
    >= 2.8.0, < 2.8.6
  • HIGH8.8CVE-2018-11406Symfony CSRF Token Fixation
    >= 2.7.0, < 2.7.48
  • HIGH8.1CVE-2018-11385Symfony Session Fixation Vulnerability
    >= 2.7.0, < 2.7.48
  • HIGH7.6CVE-2020-5275Firewall configured with unanimous strategy was not actually unanimous in Symfony
    >= 4.4.0, < 4.4.7
  • HIGH7.5CVE-2016-1902symfony - security update
    >= 2.3.0, < 2.3.37
  • HIGH7.5CVE-2016-4423Symphony Denial of Service Via Overlong Usernames
    >= 2.3.0, < 2.3.41
  • HIGH7.5CVE-2019-10911Improper authentication in Symfony
    >= 2.7.0, < 2.7.51
  • MEDIUM6.1CVE-2017-16652symfony - security update
    >= 2.7.0, < 2.7.38
  • MEDIUM6.1CVE-2018-19790Symfony Open Redirect
    >= 2.7.38, < 2.7.50
  • MEDIUM5.9CVE-2017-16653Symfony CSRF Vulnerability
    >= 2.7.0, < 2.7.38
  • MEDIUM5.3CVE-2021-21424Prevent user enumeration using Guard or the new Authenticator-based Security
    >= 5.0.0, < 5.2.8
  • LOW3.1CVE-2015-8124symfony - security update
    >= 2.3.0, < 2.3.35
  • CVE-2012-6431Symfony Allows URI Restrictions Bypass Via Double-Encoded String
    >= 2.0.0, < 2.0.19
  • CVE-2013-5958Symfony Denial of Service Via Long Password Hashing
    >= 2.0.0, < 2.0.25
  • CVE-2015-8125Symfony Vulnerable to Timing Attack
    >= 2.3.0, < 2.3.35