Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/symfony@4.0.15
Typecomposer
Namespacesymfony
Namesymfony
Version4.0.15
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.4.51
Latest_non_vulnerable_version8.0.12
Affected_by_vulnerabilities
0
url VCID-2fjn-22pk-p7fx
vulnerability_id VCID-2fjn-22pk-p7fx
summary 
Cross-Site Request Forgery (CSRF)
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23601
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38505
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23601
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:46Z/
url https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23601
reference_id CVE-2022-23601
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23601
4
reference_url https://symfony.com/cve-2022-23601
reference_id CVE-2022-23601
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2022-23601
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2022-23601.yaml
reference_id CVE-2022-23601.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2022-23601.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-23601.yaml
reference_id CVE-2022-23601.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-23601.yaml
7
reference_url https://github.com/advisories/GHSA-vvmr-8829-6whx
reference_id GHSA-vvmr-8829-6whx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vvmr-8829-6whx
8
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx
reference_id GHSA-vvmr-8829-6whx
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:56:46Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx
fixed_packages
0
url pkg:composer/symfony/symfony@5.3.15
purl pkg:composer/symfony/symfony@5.3.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-7pwc-t6vf-eyax
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-hkcs-2mjk-ubhw
5
vulnerability VCID-mqjv-9ptq-q3g9
6
vulnerability VCID-mxta-zqzb-nfbv
7
vulnerability VCID-uvpz-6mss-9bgn
8
vulnerability VCID-wtr6-xz9n-uqg3
9
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.15
1
url pkg:composer/symfony/symfony@5.4.4
purl pkg:composer/symfony/symfony@5.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-7pwc-t6vf-eyax
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-hkcs-2mjk-ubhw
5
vulnerability VCID-mqjv-9ptq-q3g9
6
vulnerability VCID-mxta-zqzb-nfbv
7
vulnerability VCID-uvpz-6mss-9bgn
8
vulnerability VCID-wtr6-xz9n-uqg3
9
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.4
2
url pkg:composer/symfony/symfony@6.0.4
purl pkg:composer/symfony/symfony@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-7pwc-t6vf-eyax
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-uvpz-6mss-9bgn
7
vulnerability VCID-wtr6-xz9n-uqg3
8
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.4
aliases CVE-2022-23601, GHSA-vvmr-8829-6whx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2fjn-22pk-p7fx
1
url VCID-59sy-m44r-h3gn
vulnerability_id VCID-59sy-m44r-h3gn
summary 
SQL Injection
In Symfony HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10913
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49262
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10913
1
reference_url https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10913
reference_id CVE-2019-10913
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10913
3
reference_url https://symfony.com/cve-2019-10913
reference_id CVE-2019-10913
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10913
4
reference_url https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides
reference_id CVE-2019-10913-REJECT-INVALID-HTTP-METHOD-OVERRIDES
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml
reference_id CVE-2019-10913.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml
reference_id CVE-2019-10913.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml
7
reference_url https://github.com/advisories/GHSA-x92h-wmg2-6hp7
reference_id GHSA-x92h-wmg2-6hp7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x92h-wmg2-6hp7
fixed_packages
0
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-uvpz-6mss-9bgn
15
vulnerability VCID-wnu2-cmrt-bkhr
16
vulnerability VCID-x8xk-7pga-33hz
17
vulnerability VCID-yzth-mby6-fua5
18
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
1
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-kw21-fsjq-mbb4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-uvpz-6mss-9bgn
13
vulnerability VCID-wnu2-cmrt-bkhr
14
vulnerability VCID-x8xk-7pga-33hz
15
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10913, GHSA-x92h-wmg2-6hp7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59sy-m44r-h3gn
2
url VCID-5txj-xsnq-ducf
vulnerability_id VCID-5txj-xsnq-ducf
summary 
Cross-site Scripting
In Symfony, validation messages are not escaped, which can lead to XSS when user input is included.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.58042
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
1
reference_url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
2
reference_url https://www.drupal.org/sa-core-2019-005
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-005
3
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
5
reference_url https://symfony.com/cve-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10909
6
reference_url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
reference_id CVE-2019-10909-ESCAPE-VALIDATION-MESSAGES-IN-THE-PHP-TEMPLATING-ENGINE
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
11
reference_url https://github.com/advisories/GHSA-g996-q5r8-w7g2
reference_id GHSA-g996-q5r8-w7g2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g996-q5r8-w7g2
fixed_packages
0
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-uvpz-6mss-9bgn
15
vulnerability VCID-wnu2-cmrt-bkhr
16
vulnerability VCID-x8xk-7pga-33hz
17
vulnerability VCID-yzth-mby6-fua5
18
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
1
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-kw21-fsjq-mbb4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-uvpz-6mss-9bgn
13
vulnerability VCID-wnu2-cmrt-bkhr
14
vulnerability VCID-x8xk-7pga-33hz
15
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10909, GHSA-g996-q5r8-w7g2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5txj-xsnq-ducf
3
url VCID-6kq8-5k4z-27f2
vulnerability_id VCID-6kq8-5k4z-27f2
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50345
reference_id
reference_type
scores
0
value 0.00394
scoring_system epss
scoring_elements 0.60588
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50345
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2024-50345.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2024-50345.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50345.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50345.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819
5
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:21:57Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
6
reference_url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-50345
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-50345
8
reference_url https://symfony.com/cve-2024-50345
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2024-50345
9
reference_url https://url.spec.whatwg.org
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:21:57Z/
url https://url.spec.whatwg.org
10
reference_url https://github.com/advisories/GHSA-mrqx-rp3w-jpjp
reference_id GHSA-mrqx-rp3w-jpjp
reference_type
scores
url https://github.com/advisories/GHSA-mrqx-rp3w-jpjp
11
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/symfony@7.2.0-BETA1
purl pkg:composer/symfony/symfony@7.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.2.0-BETA1
1
url pkg:composer/symfony/symfony@5.4.46
purl pkg:composer/symfony/symfony@5.4.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
1
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.46
2
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
3
url pkg:composer/symfony/symfony@6.4.14
purl pkg:composer/symfony/symfony@6.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
1
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.14
4
url pkg:composer/symfony/symfony@7.0.0-BETA1
purl pkg:composer/symfony/symfony@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0-BETA1
5
url pkg:composer/symfony/symfony@7.1.7
purl pkg:composer/symfony/symfony@7.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.1.7
aliases CVE-2024-50345, GHSA-mrqx-rp3w-jpjp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kq8-5k4z-27f2
4
url VCID-7pwc-t6vf-eyax
vulnerability_id VCID-7pwc-t6vf-eyax
summary 
Duplicate
This advisory duplicates another.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24894
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39605
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24894
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb
3
reference_url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24894
reference_id CVE-2022-24894
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24894
5
reference_url https://symfony.com/cve-2022-24894
reference_id CVE-2022-24894
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2022-24894
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2022-24894.yaml
reference_id CVE-2022-24894.YAML
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2022-24894.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24894.yaml
reference_id CVE-2022-24894.YAML
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24894.yaml
8
reference_url https://github.com/advisories/GHSA-h7vf-5wrv-9fhv
reference_id GHSA-h7vf-5wrv-9fhv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h7vf-5wrv-9fhv
9
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv
reference_id GHSA-h7vf-5wrv-9fhv
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:29Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv
10
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/symfony@6.1.0-BETA1
purl pkg:composer/symfony/symfony@6.1.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.1.0-BETA1
1
url pkg:composer/symfony/symfony@6.2.0-BETA1
purl pkg:composer/symfony/symfony@6.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.0-BETA1
2
url pkg:composer/symfony/symfony@4.4.50
purl pkg:composer/symfony/symfony@4.4.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.4.50
3
url pkg:composer/symfony/symfony@5.0.0-BETA1
purl pkg:composer/symfony/symfony@5.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-6kq8-5k4z-27f2
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-hkcs-2mjk-ubhw
5
vulnerability VCID-mqjv-9ptq-q3g9
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.0.0-BETA1
4
url pkg:composer/symfony/symfony@5.4.20
purl pkg:composer/symfony/symfony@5.4.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-wtr6-xz9n-uqg3
7
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.20
5
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
6
url pkg:composer/symfony/symfony@6.0.20
purl pkg:composer/symfony/symfony@6.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.20
7
url pkg:composer/symfony/symfony@6.1.12
purl pkg:composer/symfony/symfony@6.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.1.12
8
url pkg:composer/symfony/symfony@6.2.6
purl pkg:composer/symfony/symfony@6.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-dw66-36y1-g7hz
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-wtr6-xz9n-uqg3
7
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.6
aliases CVE-2022-24894, GHSA-h7vf-5wrv-9fhv, GMS-2023-209, GMS-2023-212
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7pwc-t6vf-eyax
5
url VCID-8y4h-6hx7-v3h5
vulnerability_id VCID-8y4h-6hx7-v3h5
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21424
reference_id
reference_type
scores
0
value 0.00337
scoring_system epss
scoring_elements 0.56786
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21424
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/lexik/jwt-authentication-bundle/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/lexik/jwt-authentication-bundle/CVE-2021-21424.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/maker-bundle/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/maker-bundle/CVE-2021-21424.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2021-21424.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-guard/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-guard/CVE-2021-21424.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2021-21424.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2021-21424.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2021-21424.yaml
7
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
8
reference_url https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011
9
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68
10
reference_url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21424
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21424
20
reference_url https://symfony.com/cve-2021-21424
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2021-21424
21
reference_url https://github.com/advisories/GHSA-5pv8-ppvj-4h68
reference_id GHSA-5pv8-ppvj-4h68
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5pv8-ppvj-4h68
22
reference_url https://usn.ubuntu.com/USN-5290-1/
reference_id USN-USN-5290-1
reference_type
scores
url https://usn.ubuntu.com/USN-5290-1/
fixed_packages
0
url pkg:composer/symfony/symfony@4.4.23
purl pkg:composer/symfony/symfony@4.4.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-9mbr-qumx-8yhz
5
vulnerability VCID-dmsr-jrsf-tqdu
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-mqjv-9ptq-q3g9
8
vulnerability VCID-mxta-zqzb-nfbv
9
vulnerability VCID-uvpz-6mss-9bgn
10
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.4.23
1
url pkg:composer/symfony/symfony@4.4.24
purl pkg:composer/symfony/symfony@4.4.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-9mbr-qumx-8yhz
5
vulnerability VCID-dmsr-jrsf-tqdu
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-mqjv-9ptq-q3g9
8
vulnerability VCID-mxta-zqzb-nfbv
9
vulnerability VCID-uvpz-6mss-9bgn
10
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.4.24
2
url pkg:composer/symfony/symfony@5.2.8
purl pkg:composer/symfony/symfony@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-93v3-vzkx-xqba
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.2.8
3
url pkg:composer/symfony/symfony@5.2.9
purl pkg:composer/symfony/symfony@5.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-93v3-vzkx-xqba
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.2.9
aliases CVE-2021-21424, GHSA-5pv8-ppvj-4h68
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8y4h-6hx7-v3h5
6
url VCID-9mbr-qumx-8yhz
vulnerability_id VCID-9mbr-qumx-8yhz
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-51736
reference_id
reference_type
scores
0
value 0.00783
scoring_system epss
scoring_elements 0.74047
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-51736
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/process/CVE-2024-51736.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/process/CVE-2024-51736.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-51736.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-51736.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/18ecd03eda3917fdf901a48e72518f911c64a1c9
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/18ecd03eda3917fdf901a48e72518f911c64a1c9
5
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-21T23:20:34Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-51736
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-51736
7
reference_url https://symfony.com/cve-2024-51736
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2024-51736
8
reference_url https://github.com/advisories/GHSA-qq5c-677p-737q
reference_id GHSA-qq5c-677p-737q
reference_type
scores
url https://github.com/advisories/GHSA-qq5c-677p-737q
fixed_packages
0
url pkg:composer/symfony/symfony@7.2.0-BETA1
purl pkg:composer/symfony/symfony@7.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.2.0-BETA1
1
url pkg:composer/symfony/symfony@5.4.46
purl pkg:composer/symfony/symfony@5.4.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
1
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.46
2
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
3
url pkg:composer/symfony/symfony@6.4.14
purl pkg:composer/symfony/symfony@6.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
1
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.14
4
url pkg:composer/symfony/symfony@7.0.0-BETA1
purl pkg:composer/symfony/symfony@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0-BETA1
5
url pkg:composer/symfony/symfony@7.1.7
purl pkg:composer/symfony/symfony@7.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mqjv-9ptq-q3g9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.1.7
aliases CVE-2024-51736, GHSA-qq5c-677p-737q
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mbr-qumx-8yhz
7
url VCID-hkcs-2mjk-ubhw
vulnerability_id VCID-hkcs-2mjk-ubhw
summary 
Symfony's incorrect argument escaping under MSYS2/Git Bash can lead to destructive file operations on Windows
The Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping arguments on Windows. When PHP is executed from an MSYS2-based environment (e.g. Git Bash) and Symfony Process spawns native Windows executables, MSYS2’s argument/path conversion can mishandle unquoted arguments containing these characters.

This can cause the spawned process to receive corrupted/truncated arguments compared to what Symfony intended.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24739
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01652
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24739
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/35203939050e5abd3caf2202113b00cab5d379b3
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T16:03:49Z/
url https://github.com/symfony/symfony/commit/35203939050e5abd3caf2202113b00cab5d379b3
3
reference_url https://github.com/symfony/symfony/commit/ec154f6f95f8c60f831998ec4d246a857e9d179b
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T16:03:49Z/
url https://github.com/symfony/symfony/commit/ec154f6f95f8c60f831998ec4d246a857e9d179b
4
reference_url https://github.com/symfony/symfony/issues/62921
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T16:03:49Z/
url https://github.com/symfony/symfony/issues/62921
5
reference_url https://github.com/symfony/symfony/pull/63164
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T16:03:49Z/
url https://github.com/symfony/symfony/pull/63164
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24739
reference_id CVE-2026-24739
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24739
7
reference_url https://github.com/advisories/GHSA-r39x-jcww-82v6
reference_id GHSA-r39x-jcww-82v6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r39x-jcww-82v6
8
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-r39x-jcww-82v6
reference_id GHSA-r39x-jcww-82v6
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T16:03:49Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-r39x-jcww-82v6
fixed_packages
0
url pkg:composer/symfony/symfony@7.4.0-BETA1
purl pkg:composer/symfony/symfony@7.4.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.4.0-BETA1
1
url pkg:composer/symfony/symfony@5.4.51
purl pkg:composer/symfony/symfony@5.4.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.51
2
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
3
url pkg:composer/symfony/symfony@6.4.33
purl pkg:composer/symfony/symfony@6.4.33
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.33
4
url pkg:composer/symfony/symfony@7.0.0-BETA1
purl pkg:composer/symfony/symfony@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0-BETA1
5
url pkg:composer/symfony/symfony@7.3.11
purl pkg:composer/symfony/symfony@7.3.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.3.11
6
url pkg:composer/symfony/symfony@7.4.5
purl pkg:composer/symfony/symfony@7.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.4.5
7
url pkg:composer/symfony/symfony@8.0.0-BETA1
purl pkg:composer/symfony/symfony@8.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.0-BETA1
8
url pkg:composer/symfony/symfony@8.0.5
purl pkg:composer/symfony/symfony@8.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@8.0.5
aliases CVE-2026-24739, GHSA-r39x-jcww-82v6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkcs-2mjk-ubhw
8
url VCID-m1y3-csp4-aqe4
vulnerability_id VCID-m1y3-csp4-aqe4
summary 
Deserialization of Untrusted Data
In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10912
reference_id
reference_type
scores
0
value 0.01116
scoring_system epss
scoring_elements 0.78513
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10912
1
reference_url https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
34
reference_url https://seclists.org/bugtraq/2019/May/21
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/21
35
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-016
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-016
36
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-016/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-016/
37
reference_url https://www.debian.org/security/2019/dsa-4441
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4441
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10912
reference_id CVE-2019-10912
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10912
39
reference_url https://symfony.com/cve-2019-10912
reference_id CVE-2019-10912
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10912
40
reference_url https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
reference_id CVE-2019-10912-PREVENT-DESTRUCTORS-WITH-SIDE-EFFECTS-FROM-BEING-UNSERIALIZED
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
41
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml
42
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml
43
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml
44
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml
45
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml
46
reference_url https://github.com/advisories/GHSA-w2fr-65vp-mxw3
reference_id GHSA-w2fr-65vp-mxw3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2fr-65vp-mxw3
fixed_packages
0
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-uvpz-6mss-9bgn
15
vulnerability VCID-wnu2-cmrt-bkhr
16
vulnerability VCID-x8xk-7pga-33hz
17
vulnerability VCID-yzth-mby6-fua5
18
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
1
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-kw21-fsjq-mbb4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-uvpz-6mss-9bgn
13
vulnerability VCID-wnu2-cmrt-bkhr
14
vulnerability VCID-x8xk-7pga-33hz
15
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10912, GHSA-w2fr-65vp-mxw3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y3-csp4-aqe4
9
url VCID-mbd5-rsax-jya9
vulnerability_id VCID-mbd5-rsax-jya9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18888
reference_id
reference_type
scores
0
value 0.0231
scoring_system epss
scoring_elements 0.85034
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18888
1
reference_url https://github.com/symfony/symfony/releases/tag/v4.3.8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/releases/tag/v4.3.8
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
14
reference_url https://symfony.com/blog/symfony-4-3-8-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/symfony-4-3-8-released
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18888
reference_id CVE-2019-18888
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18888
16
reference_url https://symfony.com/cve-2019-18888
reference_id CVE-2019-18888
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-18888
17
reference_url https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser
reference_id CVE-2019-18888-PREVENT-ARGUMENT-INJECTION-IN-A-MIMETYPEGUESSER
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser
18
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml
19
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml
20
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml
21
reference_url https://github.com/advisories/GHSA-xhh6-956q-4q69
reference_id GHSA-xhh6-956q-4q69
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhh6-956q-4q69
fixed_packages
0
url pkg:composer/symfony/symfony@4.2.12
purl pkg:composer/symfony/symfony@4.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.12
1
url pkg:composer/symfony/symfony@4.3.8
purl pkg:composer/symfony/symfony@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.3.8
aliases CVE-2019-18888, GHSA-xhh6-956q-4q69
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbd5-rsax-jya9
10
url VCID-mqjv-9ptq-q3g9
vulnerability_id VCID-mqjv-9ptq-q3g9
summary 
Symfony's incorrect parsing of PATH_INFO can lead to limited authorization bypass
The `Request` class improperly interprets some `PATH_INFO` in a way that leads to representing some URLs with a path that doesn't start with a `/`. This can allow bypassing some access control rules that are built with this `/`-prefix assumption.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64500
reference_id
reference_type
scores
0
value 0.06307
scoring_system epss
scoring_elements 0.91097
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64500
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/9962b91b12bb791322fa73836b350836b6db7cac
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/symfony/symfony/commit/9962b91b12bb791322fa73836b350836b6db7cac
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64500
reference_id CVE-2025-64500
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64500
4
reference_url https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
reference_id CVE-2025-64500-INCORRECT-PARSING-OF-PATH-INFO-CAN-LEAD-TO-LIMITED-AUTHORIZATION-BYPASS
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2025-64500.yaml
reference_id CVE-2025-64500.YAML
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2025-64500.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2025-64500.yaml
reference_id CVE-2025-64500.YAML
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2025-64500.yaml
7
reference_url https://github.com/advisories/GHSA-3rg7-wf37-54rm
reference_id GHSA-3rg7-wf37-54rm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rg7-wf37-54rm
8
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-3rg7-wf37-54rm
reference_id GHSA-3rg7-wf37-54rm
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-3rg7-wf37-54rm
fixed_packages
0
url pkg:composer/symfony/symfony@7.4.0-BETA1
purl pkg:composer/symfony/symfony@7.4.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.4.0-BETA1
1
url pkg:composer/symfony/symfony@5.4.50
purl pkg:composer/symfony/symfony@5.4.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.50
2
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
3
url pkg:composer/symfony/symfony@6.4.29
purl pkg:composer/symfony/symfony@6.4.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.29
4
url pkg:composer/symfony/symfony@7.0.0-BETA1
purl pkg:composer/symfony/symfony@7.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.0.0-BETA1
5
url pkg:composer/symfony/symfony@7.3.7
purl pkg:composer/symfony/symfony@7.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hkcs-2mjk-ubhw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.3.7
aliases CVE-2025-64500, GHSA-3rg7-wf37-54rm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqjv-9ptq-q3g9
11
url VCID-mxta-zqzb-nfbv
vulnerability_id VCID-mxta-zqzb-nfbv
summary 
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46734
reference_id
reference_type
scores
0
value 0.02419
scoring_system epss
scoring_elements 0.85376
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46734
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:26Z/
url https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54
3
reference_url https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:26Z/
url https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c
4
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:26Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055774
reference_id 1055774
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055774
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46734
reference_id CVE-2023-46734
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46734
7
reference_url https://symfony.com/cve-2023-46734
reference_id CVE-2023-46734
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2023-46734
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46734.yaml
reference_id CVE-2023-46734.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46734.yaml
9
reference_url https://github.com/advisories/GHSA-q847-2q57-wmr3
reference_id GHSA-q847-2q57-wmr3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q847-2q57-wmr3
10
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3
reference_id GHSA-q847-2q57-wmr3
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:26Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3
11
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/symfony@6.4.0-BETA1
purl pkg:composer/symfony/symfony@6.4.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-dw66-36y1-g7hz
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.0-BETA1
1
url pkg:composer/symfony/symfony@4.4.51
purl pkg:composer/symfony/symfony@4.4.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.4.51
2
url pkg:composer/symfony/symfony@5.0.0-BETA1
purl pkg:composer/symfony/symfony@5.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-6kq8-5k4z-27f2
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-hkcs-2mjk-ubhw
5
vulnerability VCID-mqjv-9ptq-q3g9
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.0.0-BETA1
3
url pkg:composer/symfony/symfony@5.4.31
purl pkg:composer/symfony/symfony@5.4.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.31
4
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
5
url pkg:composer/symfony/symfony@6.3.8
purl pkg:composer/symfony/symfony@6.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-dw66-36y1-g7hz
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.8
aliases CVE-2023-46734, GHSA-q847-2q57-wmr3
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxta-zqzb-nfbv
12
url VCID-n1c7-yabu-jye7
vulnerability_id VCID-n1c7-yabu-jye7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10910
reference_id
reference_type
scores
0
value 0.11901
scoring_system epss
scoring_elements 0.93864
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10910
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/3876c75f858d5d82e2c309698d21af2f1d721afb
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/3876c75f858d5d82e2c309698d21af2f1d721afb
3
reference_url https://github.com/symfony/symfony/commit/4c80c3444854ef384df94deb4acbcef4b5e5243b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/4c80c3444854ef384df94deb4acbcef4b5e5243b
4
reference_url https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b
5
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10910
reference_id CVE-2019-10910
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10910
7
reference_url https://symfony.com/cve-2019-10910
reference_id CVE-2019-10910
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10910
8
reference_url https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid
reference_id CVE-2019-10910-CHECK-SERVICE-IDS-ARE-VALID
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml
12
reference_url https://github.com/advisories/GHSA-pgwj-prpq-jpc2
reference_id GHSA-pgwj-prpq-jpc2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgwj-prpq-jpc2
fixed_packages
0
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-uvpz-6mss-9bgn
15
vulnerability VCID-wnu2-cmrt-bkhr
16
vulnerability VCID-x8xk-7pga-33hz
17
vulnerability VCID-yzth-mby6-fua5
18
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
1
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-kw21-fsjq-mbb4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-uvpz-6mss-9bgn
13
vulnerability VCID-wnu2-cmrt-bkhr
14
vulnerability VCID-x8xk-7pga-33hz
15
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10910, GHSA-pgwj-prpq-jpc2
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1c7-yabu-jye7
13
url VCID-uvpz-6mss-9bgn
vulnerability_id VCID-uvpz-6mss-9bgn
summary 
Duplicate
This advisory duplicates another.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24895
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.06271
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24895
1
reference_url https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:32Z/
url https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946
2
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
3
reference_url https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:32Z/
url https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4
4
reference_url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:32Z/
url https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24895
reference_id CVE-2022-24895
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24895
6
reference_url https://symfony.com/cve-2022-24895
reference_id CVE-2022-24895
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2022-24895
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml
reference_id CVE-2022-24895.YAML
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:32Z/
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24895.yaml
reference_id CVE-2022-24895.YAML
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2022-24895.yaml
9
reference_url https://github.com/advisories/GHSA-3gv2-29qc-v67m
reference_id GHSA-3gv2-29qc-v67m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gv2-29qc-v67m
10
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m
reference_id GHSA-3gv2-29qc-v67m
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:58:32Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m
11
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/symfony@6.1.0-BETA1
purl pkg:composer/symfony/symfony@6.1.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.1.0-BETA1
1
url pkg:composer/symfony/symfony@6.2.0-BETA1
purl pkg:composer/symfony/symfony@6.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.0-BETA1
2
url pkg:composer/symfony/symfony@4.4.50
purl pkg:composer/symfony/symfony@4.4.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.4.50
3
url pkg:composer/symfony/symfony@5.0.0-BETA1
purl pkg:composer/symfony/symfony@5.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-6kq8-5k4z-27f2
2
vulnerability VCID-9mbr-qumx-8yhz
3
vulnerability VCID-dmsr-jrsf-tqdu
4
vulnerability VCID-hkcs-2mjk-ubhw
5
vulnerability VCID-mqjv-9ptq-q3g9
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.0.0-BETA1
4
url pkg:composer/symfony/symfony@5.4.20
purl pkg:composer/symfony/symfony@5.4.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-wtr6-xz9n-uqg3
7
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.20
5
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
6
url pkg:composer/symfony/symfony@6.0.20
purl pkg:composer/symfony/symfony@6.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.20
7
url pkg:composer/symfony/symfony@6.1.12
purl pkg:composer/symfony/symfony@6.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-mxta-zqzb-nfbv
5
vulnerability VCID-wtr6-xz9n-uqg3
6
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.1.12
8
url pkg:composer/symfony/symfony@6.2.6
purl pkg:composer/symfony/symfony@6.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-dw66-36y1-g7hz
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-mxta-zqzb-nfbv
6
vulnerability VCID-wtr6-xz9n-uqg3
7
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.6
aliases CVE-2022-24895, GHSA-3gv2-29qc-v67m, GMS-2023-210, GMS-2023-211
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvpz-6mss-9bgn
14
url VCID-wnu2-cmrt-bkhr
vulnerability_id VCID-wnu2-cmrt-bkhr
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18887
reference_id
reference_type
scores
0
value 0.00813
scoring_system epss
scoring_elements 0.74565
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18887
1
reference_url https://github.com/symfony/symfony/releases/tag/v4.3.8
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/releases/tag/v4.3.8
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
14
reference_url https://symfony.com/blog/symfony-4-3-8-released
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/symfony-4-3-8-released
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18887
reference_id CVE-2019-18887
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18887
16
reference_url https://symfony.com/cve-2019-18887
reference_id CVE-2019-18887
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-18887
17
reference_url https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
reference_id CVE-2019-18887-USE-CONSTANT-TIME-COMPARISON-IN-URISIGNER
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
18
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2019-18887.yaml
reference_id CVE-2019-18887.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-kernel/CVE-2019-18887.yaml
19
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18887.yaml
reference_id CVE-2019-18887.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18887.yaml
20
reference_url https://github.com/advisories/GHSA-q8hg-pf8v-cxrv
reference_id GHSA-q8hg-pf8v-cxrv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q8hg-pf8v-cxrv
fixed_packages
0
url pkg:composer/symfony/symfony@4.2.12
purl pkg:composer/symfony/symfony@4.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.12
1
url pkg:composer/symfony/symfony@4.3.8
purl pkg:composer/symfony/symfony@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.3.8
aliases CVE-2019-18887, GHSA-q8hg-pf8v-cxrv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wnu2-cmrt-bkhr
15
url VCID-x8xk-7pga-33hz
vulnerability_id VCID-x8xk-7pga-33hz
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18889
reference_id
reference_type
scores
0
value 0.05134
scoring_system epss
scoring_elements 0.9001
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18889
1
reference_url https://github.com/symfony/symfony/releases/tag/v4.3.8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/releases/tag/v4.3.8
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
6
reference_url https://symfony.com/blog/symfony-4-3-8-released
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/symfony-4-3-8-released
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18889
reference_id CVE-2019-18889
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18889
8
reference_url https://symfony.com/cve-2019-18889
reference_id CVE-2019-18889
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-18889
9
reference_url https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
reference_id CVE-2019-18889-FORBID-SERIALIZING-ABSTRACTADAPTER-AND-TAGAWAREADAPTER-INSTANCES
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml
reference_id CVE-2019-18889.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-18889.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml
reference_id CVE-2019-18889.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18889.yaml
12
reference_url https://github.com/advisories/GHSA-79gr-58r3-pwm3
reference_id GHSA-79gr-58r3-pwm3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-79gr-58r3-pwm3
fixed_packages
0
url pkg:composer/symfony/symfony@4.2.12
purl pkg:composer/symfony/symfony@4.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.12
1
url pkg:composer/symfony/symfony@4.3.8
purl pkg:composer/symfony/symfony@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-dmsr-jrsf-tqdu
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-uvpz-6mss-9bgn
11
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.3.8
aliases CVE-2019-18889, GHSA-79gr-58r3-pwm3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8xk-7pga-33hz
16
url VCID-yzth-mby6-fua5
vulnerability_id VCID-yzth-mby6-fua5
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50343
reference_id
reference_type
scores
0
value 0.00246
scoring_system epss
scoring_elements 0.4803
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50343
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50343.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50343.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/validator/CVE-2024-50343.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/validator/CVE-2024-50343.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:25:47Z/
url https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f
5
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:25:47Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9
6
reference_url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-50343
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-50343
8
reference_url https://symfony.com/cve-2024-50343
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2024-50343
9
reference_url https://github.com/advisories/GHSA-g3rh-rrhp-jhh9
reference_id GHSA-g3rh-rrhp-jhh9
reference_type
scores
url https://github.com/advisories/GHSA-g3rh-rrhp-jhh9
10
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/symfony@5.4.43
purl pkg:composer/symfony/symfony@5.4.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-wtr6-xz9n-uqg3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.43
1
url pkg:composer/symfony/symfony@6.4.11
purl pkg:composer/symfony/symfony@6.4.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-hkcs-2mjk-ubhw
4
vulnerability VCID-mqjv-9ptq-q3g9
5
vulnerability VCID-wtr6-xz9n-uqg3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.11
2
url pkg:composer/symfony/symfony@7.1.4
purl pkg:composer/symfony/symfony@7.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6kq8-5k4z-27f2
1
vulnerability VCID-9mbr-qumx-8yhz
2
vulnerability VCID-dmsr-jrsf-tqdu
3
vulnerability VCID-mqjv-9ptq-q3g9
4
vulnerability VCID-wtr6-xz9n-uqg3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@7.1.4
aliases CVE-2024-50343, GHSA-g3rh-rrhp-jhh9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzth-mby6-fua5
17
url VCID-zmrn-3fbj-gqcm
vulnerability_id VCID-zmrn-3fbj-gqcm
summary 
Improper Authentication
In Symfony, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50816
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
3
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
reference_id CVE-2019-10911
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
5
reference_url https://symfony.com/cve-2019-10911
reference_id CVE-2019-10911
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10911
6
reference_url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
reference_id CVE-2019-10911-ADD-A-SEPARATOR-IN-THE-REMEMBER-ME-COOKIE-HASH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
10
reference_url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
reference_id GHSA-cchx-mfrc-fwqr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
fixed_packages
0
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-uvpz-6mss-9bgn
15
vulnerability VCID-wnu2-cmrt-bkhr
16
vulnerability VCID-x8xk-7pga-33hz
17
vulnerability VCID-yzth-mby6-fua5
18
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
1
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-6kq8-5k4z-27f2
3
vulnerability VCID-7pwc-t6vf-eyax
4
vulnerability VCID-8y4h-6hx7-v3h5
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-k3e5-c9kc-sqg1
8
vulnerability VCID-kw21-fsjq-mbb4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-uvpz-6mss-9bgn
13
vulnerability VCID-wnu2-cmrt-bkhr
14
vulnerability VCID-x8xk-7pga-33hz
15
vulnerability VCID-yzth-mby6-fua5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10911, GHSA-cchx-mfrc-fwqr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmrn-3fbj-gqcm
Fixing_vulnerabilities
0
url VCID-a9gt-63v3-vbdf
vulnerability_id VCID-a9gt-63v3-vbdf
summary 
Unrestricted Upload of File with Dangerous Type
When using the scalar type hint `string` in a setter method (e.g. `setName(string$name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19789
reference_id
reference_type
scores
0
value 0.00869
scoring_system epss
scoring_elements 0.75497
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19789
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/form/CVE-2018-19789.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/form/CVE-2018-19789.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-19789.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-19789.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/b65e6f1a47b68f2713b60cdac9cc3a4af62a2d1c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/b65e6f1a47b68f2713b60cdac9cc3a4af62a2d1c
5
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19789
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19789
10
reference_url https://seclists.org/bugtraq/2019/May/21
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/21
11
reference_url https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
12
reference_url https://web.archive.org/web/20210124224817/http://www.securityfocus.com/bid/106249
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210124224817/http://www.securityfocus.com/bid/106249
13
reference_url https://www.debian.org/security/2019/dsa-4441
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4441
14
reference_url https://symfony.com/cve-2018-19789
reference_id CVE-2018-19789
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2018-19789
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.50
purl pkg:composer/symfony/symfony@2.7.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-mbd5-rsax-jya9
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-n1c7-yabu-jye7
11
vulnerability VCID-uvpz-6mss-9bgn
12
vulnerability VCID-wnu2-cmrt-bkhr
13
vulnerability VCID-yzth-mby6-fua5
14
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.50
1
url pkg:composer/symfony/symfony@2.8.49
purl pkg:composer/symfony/symfony@2.8.49
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-yzth-mby6-fua5
16
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.49
2
url pkg:composer/symfony/symfony@3.4.20
purl pkg:composer/symfony/symfony@3.4.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-yzth-mby6-fua5
16
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.20
3
url pkg:composer/symfony/symfony@4.0.15
purl pkg:composer/symfony/symfony@4.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-x8xk-7pga-33hz
16
vulnerability VCID-yzth-mby6-fua5
17
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.0.15
4
url pkg:composer/symfony/symfony@4.1.9
purl pkg:composer/symfony/symfony@4.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-n1c7-yabu-jye7
15
vulnerability VCID-uvpz-6mss-9bgn
16
vulnerability VCID-wnu2-cmrt-bkhr
17
vulnerability VCID-x8xk-7pga-33hz
18
vulnerability VCID-yzth-mby6-fua5
19
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.9
5
url pkg:composer/symfony/symfony@4.2.1
purl pkg:composer/symfony/symfony@4.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-kw21-fsjq-mbb4
11
vulnerability VCID-m1y3-csp4-aqe4
12
vulnerability VCID-mbd5-rsax-jya9
13
vulnerability VCID-mqjv-9ptq-q3g9
14
vulnerability VCID-mxta-zqzb-nfbv
15
vulnerability VCID-n1c7-yabu-jye7
16
vulnerability VCID-uvpz-6mss-9bgn
17
vulnerability VCID-wnu2-cmrt-bkhr
18
vulnerability VCID-x8xk-7pga-33hz
19
vulnerability VCID-yzth-mby6-fua5
20
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.1
aliases CVE-2018-19789, GHSA-x3cf-w64x-4cp2
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9gt-63v3-vbdf
1
url VCID-w8s1-z3hu-8beh
vulnerability_id VCID-w8s1-z3hu-8beh
summary 
URL Redirection to Untrusted Site (Open Redirect)
By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19790
reference_id
reference_type
scores
0
value 0.00447
scoring_system epss
scoring_elements 0.638
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19790
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2018-19790.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2018-19790.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2018-19790.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2018-19790.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-19790.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-19790.yaml
4
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
5
reference_url https://github.com/symfony/symfony/commit/99a0cec0a6be39ce5ef38386e57339603b33ee5b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/99a0cec0a6be39ce5ef38386e57339603b33ee5b
6
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19790
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-19790
14
reference_url https://seclists.org/bugtraq/2019/May/21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/21
15
reference_url https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
16
reference_url https://web.archive.org/web/20200227095826/http://www.securityfocus.com/bid/106249
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227095826/http://www.securityfocus.com/bid/106249
17
reference_url https://www.debian.org/security/2019/dsa-4441
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4441
18
reference_url http://www.securityfocus.com/bid/106249
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106249
19
reference_url https://symfony.com/cve-2018-19790
reference_id CVE-2018-19790
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2018-19790
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.50
purl pkg:composer/symfony/symfony@2.7.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-9mbr-qumx-8yhz
6
vulnerability VCID-hkcs-2mjk-ubhw
7
vulnerability VCID-mbd5-rsax-jya9
8
vulnerability VCID-mqjv-9ptq-q3g9
9
vulnerability VCID-mxta-zqzb-nfbv
10
vulnerability VCID-n1c7-yabu-jye7
11
vulnerability VCID-uvpz-6mss-9bgn
12
vulnerability VCID-wnu2-cmrt-bkhr
13
vulnerability VCID-yzth-mby6-fua5
14
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.50
1
url pkg:composer/symfony/symfony@2.8.49
purl pkg:composer/symfony/symfony@2.8.49
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-yzth-mby6-fua5
16
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.49
2
url pkg:composer/symfony/symfony@3.4.20
purl pkg:composer/symfony/symfony@3.4.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-yzth-mby6-fua5
16
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.20
3
url pkg:composer/symfony/symfony@4.0.15
purl pkg:composer/symfony/symfony@4.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-59sy-m44r-h3gn
2
vulnerability VCID-5txj-xsnq-ducf
3
vulnerability VCID-6kq8-5k4z-27f2
4
vulnerability VCID-7pwc-t6vf-eyax
5
vulnerability VCID-8y4h-6hx7-v3h5
6
vulnerability VCID-9mbr-qumx-8yhz
7
vulnerability VCID-hkcs-2mjk-ubhw
8
vulnerability VCID-m1y3-csp4-aqe4
9
vulnerability VCID-mbd5-rsax-jya9
10
vulnerability VCID-mqjv-9ptq-q3g9
11
vulnerability VCID-mxta-zqzb-nfbv
12
vulnerability VCID-n1c7-yabu-jye7
13
vulnerability VCID-uvpz-6mss-9bgn
14
vulnerability VCID-wnu2-cmrt-bkhr
15
vulnerability VCID-x8xk-7pga-33hz
16
vulnerability VCID-yzth-mby6-fua5
17
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.0.15
4
url pkg:composer/symfony/symfony@4.1.9
purl pkg:composer/symfony/symfony@4.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-m1y3-csp4-aqe4
11
vulnerability VCID-mbd5-rsax-jya9
12
vulnerability VCID-mqjv-9ptq-q3g9
13
vulnerability VCID-mxta-zqzb-nfbv
14
vulnerability VCID-n1c7-yabu-jye7
15
vulnerability VCID-uvpz-6mss-9bgn
16
vulnerability VCID-wnu2-cmrt-bkhr
17
vulnerability VCID-x8xk-7pga-33hz
18
vulnerability VCID-yzth-mby6-fua5
19
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.9
5
url pkg:composer/symfony/symfony@4.2.1
purl pkg:composer/symfony/symfony@4.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fjn-22pk-p7fx
1
vulnerability VCID-2m2u-gjzs-cbbk
2
vulnerability VCID-59sy-m44r-h3gn
3
vulnerability VCID-5txj-xsnq-ducf
4
vulnerability VCID-6kq8-5k4z-27f2
5
vulnerability VCID-7pwc-t6vf-eyax
6
vulnerability VCID-8y4h-6hx7-v3h5
7
vulnerability VCID-9mbr-qumx-8yhz
8
vulnerability VCID-hkcs-2mjk-ubhw
9
vulnerability VCID-k3e5-c9kc-sqg1
10
vulnerability VCID-kw21-fsjq-mbb4
11
vulnerability VCID-m1y3-csp4-aqe4
12
vulnerability VCID-mbd5-rsax-jya9
13
vulnerability VCID-mqjv-9ptq-q3g9
14
vulnerability VCID-mxta-zqzb-nfbv
15
vulnerability VCID-n1c7-yabu-jye7
16
vulnerability VCID-uvpz-6mss-9bgn
17
vulnerability VCID-wnu2-cmrt-bkhr
18
vulnerability VCID-x8xk-7pga-33hz
19
vulnerability VCID-yzth-mby6-fua5
20
vulnerability VCID-zmrn-3fbj-gqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.1
aliases CVE-2018-19790, GHSA-89r2-5g34-2g47
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w8s1-z3hu-8beh
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.0.15