pkg:Bitnami/symfony

所有已知漏洞

• HIGH8.1CVE-2022-23601CSRF token missing in Symfony
  from 0, < 5.3.15, >= 5.4.0, < 5.4.4, >= 6.0.0, < 6.0.4
• HIGH8.0CVE-2020-15094RCE in Symfony
  >= 4.4.0, < 4.4.13, >= 5.1.0, < 5.1.5
• HIGH7.6CVE-2020-5275Firewall configured with unanimous strategy was not actually unanimous in Symfony
  >= 4.4.0, < 4.4.7, >= 5.0.0, < 5.0.7
• MEDIUM6.8CVE-2021-32693Authentication granted to all firewalls instead of just one
  >= 5.3.0, < 5.3.2
• MEDIUM6.5CVE-2023-46733Symfony possible session fixation vulnerability
  >= 5.4.21, < 5.4.31, >= 6.2.7, < 6.3.8
• MEDIUM6.5CVE-2021-41270CSV Injection in symfony/serializer
  >= 4.1.0, < 4.4.35, >= 5.0.0, < 5.3.12
• MEDIUM6.5CVE-2021-41268Cookie persistence after password changes in symfony/security-bundle
  >= 5.3.0, < 5.3.12
• MEDIUM6.5CVE-2021-41267Webcache Poisoning in symfony/http-kernel
  >= 5.2.0, < 5.3.12
• MEDIUM6.3CVE-2022-24895Symfony vulnerable to Session Fixation of CSRF tokens
  >= 2.0.0, < 4.4.50, >= 5.0.0, < 5.4.20, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, >= 6.2.0, < 6.2.6
• MEDIUM6.1CVE-2023-46735Symfony potential Cross-site Scripting in WebhookController
  >= 6.0.0, < 6.3.8
• MEDIUM6.1CVE-2023-46734symfony - security update
  >= 2.0.0, < 4.4.51, >= 5.0.0, < 5.4.31, >= 6.0.0, < 6.3.8
• MEDIUM5.9CVE-2022-24894Symfony storing cookie headers in HttpCache
  >= 2.0.0, < 4.4.50, >= 5.0.0, < 5.4.2, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, >= 6.2.0, < 6.2.6
• MEDIUM5.3CVE-2021-21424Prevent user enumeration using Guard or the new Authenticator-based Security
  >= 2.8.0, < 3.4.48, >= 4.0.0, < 4.4.23, >= 5.0.0, < 5.2.8
• MEDIUM4.6CVE-2020-5274Exceptions displayed in non-debug configurations in Symfony
  >= 4.4.0, < 4.4.4, >= 5.0.0, < 5.0.4
• LOW2.6CVE-2020-5255Prevent cache poisoning via a Response Content-Type header in Symfony
  >= 4.4.0, < 4.4.7, >= 5.0.0, < 5.0.7