Search for packages
| purl | pkg:composer/friendsofsymfony/user-bundle@1.2.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-cp9j-3948-mud8
Aliases: GMS-2014-38 |
Insufficient Entropy Entropy is lost in the `TokenGenerator`. |
Affected by 1 other vulnerability. |
|
VCID-ky5a-sata-5yf6
Aliases: CVE-2013-5750 GHSA-9mpf-g3fc-9rgv |
Uncontrolled Resource Consumption The login form in the FriendsOfSymfony FOSUserBundle bundle for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:04:28.027798+00:00 | GitLab Importer | Affected by | VCID-cp9j-3948-mud8 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GMS-2014-38.yml | 38.6.0 |
| 2026-06-04T20:03:44.973669+00:00 | GitLab Importer | Affected by | VCID-ky5a-sata-5yf6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/CVE-2013-5750.yml | 38.6.0 |