Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/security@2.7.51
Typecomposer
Namespacesymfony
Namesecurity
Version2.7.51
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.4.48
Latest_non_vulnerable_version4.4.24
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bpkv-qrmp-huac
vulnerability_id VCID-bpkv-qrmp-huac
summary 
Improper Authentication
In Symfony, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50704
published_at 2026-04-16T12:55:00Z
1
value 0.00272
scoring_system epss
scoring_elements 0.50637
published_at 2026-04-24T12:55:00Z
2
value 0.00272
scoring_system epss
scoring_elements 0.50689
published_at 2026-04-21T12:55:00Z
3
value 0.00272
scoring_system epss
scoring_elements 0.5071
published_at 2026-04-18T12:55:00Z
4
value 0.00283
scoring_system epss
scoring_elements 0.51701
published_at 2026-04-04T12:55:00Z
5
value 0.00283
scoring_system epss
scoring_elements 0.51722
published_at 2026-04-13T12:55:00Z
6
value 0.00283
scoring_system epss
scoring_elements 0.51739
published_at 2026-04-12T12:55:00Z
7
value 0.00283
scoring_system epss
scoring_elements 0.51761
published_at 2026-04-11T12:55:00Z
8
value 0.00283
scoring_system epss
scoring_elements 0.51712
published_at 2026-04-09T12:55:00Z
9
value 0.00283
scoring_system epss
scoring_elements 0.51716
published_at 2026-04-08T12:55:00Z
10
value 0.00283
scoring_system epss
scoring_elements 0.51661
published_at 2026-04-07T12:55:00Z
11
value 0.00283
scoring_system epss
scoring_elements 0.51625
published_at 2026-04-01T12:55:00Z
12
value 0.00283
scoring_system epss
scoring_elements 0.51676
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
12
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
13
reference_url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
15
reference_url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
16
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
17
reference_url https://symfony.com/cve-2019-10911
reference_id CVE-2019-10911
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10911
18
reference_url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
reference_id GHSA-cchx-mfrc-fwqr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
fixed_packages
0
url pkg:composer/symfony/security@2.7.51
purl pkg:composer/symfony/security@2.7.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.51
1
url pkg:composer/symfony/security@2.8.50
purl pkg:composer/symfony/security@2.8.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e71e-d4tr-wqgz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.8.50
2
url pkg:composer/symfony/security@3.4.26
purl pkg:composer/symfony/security@3.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e71e-d4tr-wqgz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@3.4.26
3
url pkg:composer/symfony/security@4.1.12
purl pkg:composer/symfony/security@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bpkv-qrmp-huac
1
vulnerability VCID-e71e-d4tr-wqgz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@4.1.12
4
url pkg:composer/symfony/security@4.2.7
purl pkg:composer/symfony/security@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e71e-d4tr-wqgz
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@4.2.7
aliases CVE-2019-10911, GHSA-cchx-mfrc-fwqr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpkv-qrmp-huac
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@2.7.51