Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/form@2.3.9
Typecomposer
Namespacesymfony
Nameform
Version2.3.9
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.0.0-BETA1
Latest_non_vulnerable_version6.3.0-BETA1
Affected_by_vulnerabilities
0
url VCID-5u5z-qzg2-sbhg
vulnerability_id VCID-5u5z-qzg2-sbhg
summary 
Information Exposure Through Timing Discrepancy
Symfony allows remote attackers to have unspecified impact via a timing attack.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8125
reference_id
reference_type
scores
0
value 0.01008
scoring_system epss
scoring_elements 0.77109
published_at 2026-04-18T12:55:00Z
1
value 0.01008
scoring_system epss
scoring_elements 0.77004
published_at 2026-04-01T12:55:00Z
2
value 0.01008
scoring_system epss
scoring_elements 0.7701
published_at 2026-04-02T12:55:00Z
3
value 0.01008
scoring_system epss
scoring_elements 0.77039
published_at 2026-04-04T12:55:00Z
4
value 0.01008
scoring_system epss
scoring_elements 0.7702
published_at 2026-04-07T12:55:00Z
5
value 0.01008
scoring_system epss
scoring_elements 0.77052
published_at 2026-04-08T12:55:00Z
6
value 0.01008
scoring_system epss
scoring_elements 0.77062
published_at 2026-04-09T12:55:00Z
7
value 0.01008
scoring_system epss
scoring_elements 0.77091
published_at 2026-04-11T12:55:00Z
8
value 0.01008
scoring_system epss
scoring_elements 0.77071
published_at 2026-04-12T12:55:00Z
9
value 0.01008
scoring_system epss
scoring_elements 0.77066
published_at 2026-04-13T12:55:00Z
10
value 0.01008
scoring_system epss
scoring_elements 0.77107
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8125
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8124
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8124
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8125
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8125
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/form/CVE-2015-8125.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/form/CVE-2015-8125.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2015-8125.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2015-8125.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2015-8125.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2015-8125.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2015-8125.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2015-8125.yaml
9
reference_url https://github.com/symfony/symfony/pull/16630
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/16630
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8125
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8125
11
reference_url https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
12
reference_url https://web.archive.org/web/20200228050051/http://www.securityfocus.com/bid/77692
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228050051/http://www.securityfocus.com/bid/77692
13
reference_url http://www.debian.org/security/2015/dsa-3402
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3402
14
reference_url http://www.securityfocus.com/bid/77692
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/77692
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.10:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.11:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.12:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.13:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.14:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.15:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.16:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.17:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.18:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.29:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.30:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.31:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.32:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.33:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.34:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.6:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.7:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.8:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.3.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.3.9:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*
69
reference_url https://symfony.com/cve-2015-8125
reference_id CVE-2015-8125
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2015-8125
70
reference_url https://github.com/advisories/GHSA-g97c-jfx6-xvxh
reference_id GHSA-g97c-jfx6-xvxh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g97c-jfx6-xvxh
fixed_packages
0
url pkg:composer/symfony/form@2.3.35
purl pkg:composer/symfony/form@2.3.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qwcj-hq3g-2qd7
1
vulnerability VCID-rgh3-ef8t-k3ec
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@2.3.35
1
url pkg:composer/symfony/form@2.6.12
purl pkg:composer/symfony/form@2.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qwcj-hq3g-2qd7
1
vulnerability VCID-rgh3-ef8t-k3ec
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@2.6.12
2
url pkg:composer/symfony/form@2.7.7
purl pkg:composer/symfony/form@2.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hxhq-zdyu-dudz
1
vulnerability VCID-qwcj-hq3g-2qd7
2
vulnerability VCID-rgh3-ef8t-k3ec
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@2.7.7
aliases CVE-2015-8125, GHSA-g97c-jfx6-xvxh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5u5z-qzg2-sbhg
1
url VCID-qwcj-hq3g-2qd7
vulnerability_id VCID-qwcj-hq3g-2qd7
summary 
Cross-Site Request Forgery (CSRF)
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23601
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38726
published_at 2026-04-07T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38758
published_at 2026-04-18T12:55:00Z
2
value 0.00173
scoring_system epss
scoring_elements 0.3878
published_at 2026-04-16T12:55:00Z
3
value 0.00173
scoring_system epss
scoring_elements 0.38735
published_at 2026-04-13T12:55:00Z
4
value 0.00173
scoring_system epss
scoring_elements 0.38762
published_at 2026-04-12T12:55:00Z
5
value 0.00173
scoring_system epss
scoring_elements 0.38798
published_at 2026-04-11T12:55:00Z
6
value 0.00173
scoring_system epss
scoring_elements 0.38787
published_at 2026-04-09T12:55:00Z
7
value 0.00173
scoring_system epss
scoring_elements 0.38775
published_at 2026-04-08T12:55:00Z
8
value 0.00173
scoring_system epss
scoring_elements 0.38797
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23601
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2022-23601.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2022-23601.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-23601.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-23601.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:46Z/
url https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50
5
reference_url https://symfony.com/cve-2022-23601
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2022-23601
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23601
reference_id CVE-2022-23601
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23601
7
reference_url https://github.com/advisories/GHSA-vvmr-8829-6whx
reference_id GHSA-vvmr-8829-6whx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vvmr-8829-6whx
8
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx
reference_id GHSA-vvmr-8829-6whx
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:46Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx
fixed_packages
0
url pkg:composer/symfony/form@5.3.15
purl pkg:composer/symfony/form@5.3.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@5.3.15
1
url pkg:composer/symfony/form@5.4.0-BETA1
purl pkg:composer/symfony/form@5.4.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rgh3-ef8t-k3ec
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@5.4.0-BETA1
2
url pkg:composer/symfony/form@5.4.4
purl pkg:composer/symfony/form@5.4.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@5.4.4
3
url pkg:composer/symfony/form@6.0.0-BETA1
purl pkg:composer/symfony/form@6.0.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.0.0-BETA1
4
url pkg:composer/symfony/form@6.0.4
purl pkg:composer/symfony/form@6.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.0.4
5
url pkg:composer/symfony/form@6.2.0-BETA3
purl pkg:composer/symfony/form@6.2.0-BETA3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.2.0-BETA3
aliases CVE-2022-23601, GHSA-vvmr-8829-6whx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwcj-hq3g-2qd7
2
url VCID-rgh3-ef8t-k3ec
vulnerability_id VCID-rgh3-ef8t-k3ec
summary 
Duplicate
This advisory duplicates another.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24894
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.4061
published_at 2026-04-07T12:55:00Z
1
value 0.00188
scoring_system epss
scoring_elements 0.40648
published_at 2026-04-18T12:55:00Z
2
value 0.00188
scoring_system epss
scoring_elements 0.40678
published_at 2026-04-16T12:55:00Z
3
value 0.00188
scoring_system epss
scoring_elements 0.40634
published_at 2026-04-13T12:55:00Z
4
value 0.00188
scoring_system epss
scoring_elements 0.40653
published_at 2026-04-12T12:55:00Z
5
value 0.00188
scoring_system epss
scoring_elements 0.40688
published_at 2026-04-11T12:55:00Z
6
value 0.00188
scoring_system epss
scoring_elements 0.4067
published_at 2026-04-09T12:55:00Z
7
value 0.00188
scoring_system epss
scoring_elements 0.40661
published_at 2026-04-08T12:55:00Z
8
value 0.00188
scoring_system epss
scoring_elements 0.40689
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24894
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24894
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24894
2
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
3
reference_url https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb
4
reference_url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24894
reference_id CVE-2022-24894
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24894
6
reference_url https://symfony.com/cve-2022-24894
reference_id CVE-2022-24894
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2022-24894
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2022-24894.yaml
reference_id CVE-2022-24894.YAML
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2022-24894.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24894.yaml
reference_id CVE-2022-24894.YAML
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24894.yaml
9
reference_url https://github.com/advisories/GHSA-h7vf-5wrv-9fhv
reference_id GHSA-h7vf-5wrv-9fhv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h7vf-5wrv-9fhv
10
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv
reference_id GHSA-h7vf-5wrv-9fhv
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv
11
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/form@4.4.50
purl pkg:composer/symfony/form@4.4.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@4.4.50
1
url pkg:composer/symfony/form@5.0.0-BETA1
purl pkg:composer/symfony/form@5.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qwcj-hq3g-2qd7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@5.0.0-BETA1
2
url pkg:composer/symfony/form@5.4.2
purl pkg:composer/symfony/form@5.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qwcj-hq3g-2qd7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@5.4.2
3
url pkg:composer/symfony/form@6.0.20
purl pkg:composer/symfony/form@6.0.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.0.20
4
url pkg:composer/symfony/form@6.1.0-BETA1
purl pkg:composer/symfony/form@6.1.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.1.0-BETA1
5
url pkg:composer/symfony/form@6.1.12
purl pkg:composer/symfony/form@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.1.12
6
url pkg:composer/symfony/form@6.2.0-BETA1
purl pkg:composer/symfony/form@6.2.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.2.0-BETA1
7
url pkg:composer/symfony/form@6.2.6
purl pkg:composer/symfony/form@6.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.2.6
8
url pkg:composer/symfony/form@6.3.0-BETA1
purl pkg:composer/symfony/form@6.3.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@6.3.0-BETA1
aliases CVE-2022-24894, GHSA-h7vf-5wrv-9fhv, GMS-2023-209, GMS-2023-212
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgh3-ef8t-k3ec
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/form@2.3.9