VulnerableCode Package Details - pkg:composer/friendsofsymfony/user-bundle@1.2.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/friendsofsymfony/user-bundle@1.2.1

Essentials
History (8)

purl	pkg:composer/friendsofsymfony/user-bundle@1.2.1

Next non-vulnerable version	1.3.5
Latest non-vulnerable version	1.3.5
Risk	4.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-15hs-7nbh-9kgc Aliases: GMS-2014-38	Insufficient Entropy Entropy is lost in the `TokenGenerator`.	1.3.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-2vpz-wp84-97cw Aliases: GHSA-6mjq-9x4w-m3w9	FOSUserBundle Session Hijacking Vulnerability	1.2.4 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-7zcc-677n-ckd7 Aliases: GHSA-pjx8-984p-7p3x	FOSUserBundle Entropy is lost in the TokenGenerator	1.3.5 Affected by 0 other vulnerabilities.
VCID-zv2h-w5pu-33b3 Aliases: CVE-2013-5750 GHSA-9mpf-g3fc-9rgv		1.2.5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.3.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-73u8-v41n-bkhv	FOSUserBundle User Identity Validation Vulnerability	GHSA-8wx3-8m4x-g5h4
VCID-duff-hq3t-jugv	Improper Access Control User refreshing to check the identity by primary key instead of username.	GMS-2012-6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T19:28:47.631155+00:00	GitLab Importer	Affected by	VCID-2vpz-wp84-97cw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GHSA-6mjq-9x4w-m3w9.yml	38.6.0
2026-06-12T19:28:45.504006+00:00	GitLab Importer	Fixing	VCID-73u8-v41n-bkhv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GHSA-8wx3-8m4x-g5h4.yml	38.6.0
2026-06-12T19:28:38.813131+00:00	GitLab Importer	Affected by	VCID-7zcc-677n-ckd7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GHSA-pjx8-984p-7p3x.yml	38.6.0
2026-06-12T16:47:50.901161+00:00	GitLab Importer	Affected by	VCID-15hs-7nbh-9kgc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GMS-2014-38.yml	38.6.0
2026-06-12T16:46:46.060072+00:00	GitLab Importer	Affected by	VCID-zv2h-w5pu-33b3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/CVE-2013-5750.yml	38.6.0
2026-06-12T15:38:56.346343+00:00	GitLab Importer	Fixing	VCID-duff-hq3t-jugv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GMS-2012-6.yml	38.6.0
2026-06-12T07:44:31.192657+00:00	GithubOSV Importer	Fixing	VCID-73u8-v41n-bkhv	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-8wx3-8m4x-g5h4/GHSA-8wx3-8m4x-g5h4.json	38.6.0
2026-06-11T20:34:49.878707+00:00	GHSA Importer	Fixing	VCID-73u8-v41n-bkhv	https://github.com/advisories/GHSA-8wx3-8m4x-g5h4	38.6.0