Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/symfony@3.4.26
Typecomposer
Namespacesymfony
Namesymfony
Version3.4.26
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.4.35
Latest_non_vulnerable_version8.0.12
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-59sy-m44r-h3gn
vulnerability_id VCID-59sy-m44r-h3gn
summary 
SQL Injection
In Symfony HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10913
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49262
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10913
1
reference_url https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10913
reference_id CVE-2019-10913
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-10913
3
reference_url https://symfony.com/cve-2019-10913
reference_id CVE-2019-10913
reference_type
scores
url https://symfony.com/cve-2019-10913
4
reference_url https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides
reference_id CVE-2019-10913-REJECT-INVALID-HTTP-METHOD-OVERRIDES
reference_type
scores
url https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml
reference_id CVE-2019-10913.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-10913.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml
reference_id CVE-2019-10913.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10913.yaml
7
reference_url https://github.com/advisories/GHSA-x92h-wmg2-6hp7
reference_id GHSA-x92h-wmg2-6hp7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x92h-wmg2-6hp7
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.51
purl pkg:composer/symfony/symfony@2.7.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.51
1
url pkg:composer/symfony/symfony@2.8.50
purl pkg:composer/symfony/symfony@2.8.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.50
2
url pkg:composer/symfony/symfony@3.4.26
purl pkg:composer/symfony/symfony@3.4.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26
3
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
4
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10913, GHSA-x92h-wmg2-6hp7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59sy-m44r-h3gn
1
url VCID-5txj-xsnq-ducf
vulnerability_id VCID-5txj-xsnq-ducf
summary 
Cross-site Scripting
In Symfony, validation messages are not escaped, which can lead to XSS when user input is included.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.58042
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
1
reference_url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
2
reference_url https://www.drupal.org/sa-core-2019-005
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2019-005
3
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
url https://www.synology.com/security/advisory/Synology_SA_19_19
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
reference_id CVE-2019-10909
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
5
reference_url https://symfony.com/cve-2019-10909
reference_id CVE-2019-10909
reference_type
scores
url https://symfony.com/cve-2019-10909
6
reference_url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
reference_id CVE-2019-10909-ESCAPE-VALIDATION-MESSAGES-IN-THE-PHP-TEMPLATING-ENGINE
reference_type
scores
url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
reference_id CVE-2019-10909.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
11
reference_url https://github.com/advisories/GHSA-g996-q5r8-w7g2
reference_id GHSA-g996-q5r8-w7g2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g996-q5r8-w7g2
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.51
purl pkg:composer/symfony/symfony@2.7.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.51
1
url pkg:composer/symfony/symfony@2.8.50
purl pkg:composer/symfony/symfony@2.8.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.50
2
url pkg:composer/symfony/symfony@3.4.26
purl pkg:composer/symfony/symfony@3.4.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26
3
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
4
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10909, GHSA-g996-q5r8-w7g2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5txj-xsnq-ducf
2
url VCID-m1y3-csp4-aqe4
vulnerability_id VCID-m1y3-csp4-aqe4
summary 
Deserialization of Untrusted Data
In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10912
reference_id
reference_type
scores
0
value 0.01116
scoring_system epss
scoring_elements 0.78513
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10912
1
reference_url https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
18
reference_url https://seclists.org/bugtraq/2019/May/21
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/May/21
19
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-016
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-016
20
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-016/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-016/
21
reference_url https://www.debian.org/security/2019/dsa-4441
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4441
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10912
reference_id CVE-2019-10912
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-10912
23
reference_url https://symfony.com/cve-2019-10912
reference_id CVE-2019-10912
reference_type
scores
url https://symfony.com/cve-2019-10912
24
reference_url https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
reference_id CVE-2019-10912-PREVENT-DESTRUCTORS-WITH-SIDE-EFFECTS-FROM-BEING-UNSERIALIZED
reference_type
scores
url https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
25
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml
26
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml
27
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml
28
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml
29
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml
reference_id CVE-2019-10912.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml
30
reference_url https://github.com/advisories/GHSA-w2fr-65vp-mxw3
reference_id GHSA-w2fr-65vp-mxw3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2fr-65vp-mxw3
fixed_packages
0
url pkg:composer/symfony/symfony@2.8.50
purl pkg:composer/symfony/symfony@2.8.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.50
1
url pkg:composer/symfony/symfony@3.4.26
purl pkg:composer/symfony/symfony@3.4.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26
2
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
3
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10912, GHSA-w2fr-65vp-mxw3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y3-csp4-aqe4
3
url VCID-n1c7-yabu-jye7
vulnerability_id VCID-n1c7-yabu-jye7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10910
reference_id
reference_type
scores
0
value 0.11901
scoring_system epss
scoring_elements 0.93864
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10910
1
reference_url https://github.com/symfony/symfony/commit/3876c75f858d5d82e2c309698d21af2f1d721afb
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/3876c75f858d5d82e2c309698d21af2f1d721afb
2
reference_url https://github.com/symfony/symfony/commit/4c80c3444854ef384df94deb4acbcef4b5e5243b
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/4c80c3444854ef384df94deb4acbcef4b5e5243b
3
reference_url https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b
4
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
url https://www.synology.com/security/advisory/Synology_SA_19_19
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10910
reference_id CVE-2019-10910
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-10910
6
reference_url https://symfony.com/cve-2019-10910
reference_id CVE-2019-10910
reference_type
scores
url https://symfony.com/cve-2019-10910
7
reference_url https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid
reference_id CVE-2019-10910-CHECK-SERVICE-IDS-ARE-VALID
reference_type
scores
url https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/dependency-injection/CVE-2019-10910.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/proxy-manager-bridge/CVE-2019-10910.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml
reference_id CVE-2019-10910.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10910.yaml
11
reference_url https://github.com/advisories/GHSA-pgwj-prpq-jpc2
reference_id GHSA-pgwj-prpq-jpc2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pgwj-prpq-jpc2
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.51
purl pkg:composer/symfony/symfony@2.7.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.51
1
url pkg:composer/symfony/symfony@2.8.50
purl pkg:composer/symfony/symfony@2.8.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.50
2
url pkg:composer/symfony/symfony@3.4.26
purl pkg:composer/symfony/symfony@3.4.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26
3
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
4
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10910, GHSA-pgwj-prpq-jpc2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1c7-yabu-jye7
4
url VCID-zmrn-3fbj-gqcm
vulnerability_id VCID-zmrn-3fbj-gqcm
summary 
Improper Authentication
In Symfony, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50816
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10911
1
reference_url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
reference_id
reference_type
scores
url https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081
2
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
url https://www.synology.com/security/advisory/Synology_SA_19_19
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
reference_id CVE-2019-10911
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-10911
4
reference_url https://symfony.com/cve-2019-10911
reference_id CVE-2019-10911
reference_type
scores
url https://symfony.com/cve-2019-10911
5
reference_url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
reference_id CVE-2019-10911-ADD-A-SEPARATOR-IN-THE-REMEMBER-ME-COOKIE-HASH
reference_type
scores
url https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2019-10911.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2019-10911.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
reference_id CVE-2019-10911.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10911.yaml
9
reference_url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
reference_id GHSA-cchx-mfrc-fwqr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cchx-mfrc-fwqr
fixed_packages
0
url pkg:composer/symfony/symfony@2.7.51
purl pkg:composer/symfony/symfony@2.7.51
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.51
1
url pkg:composer/symfony/symfony@2.8.50
purl pkg:composer/symfony/symfony@2.8.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.50
2
url pkg:composer/symfony/symfony@3.4.26
purl pkg:composer/symfony/symfony@3.4.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26
3
url pkg:composer/symfony/symfony@4.1.12
purl pkg:composer/symfony/symfony@4.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.1.12
4
url pkg:composer/symfony/symfony@4.2.7
purl pkg:composer/symfony/symfony@4.2.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@4.2.7
aliases CVE-2019-10911, GHSA-cchx-mfrc-fwqr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmrn-3fbj-gqcm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.4.26