Search for packages
| purl | pkg:composer/sylius/resource-bundle@1.4.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g1vh-b6q7-1ya7 | Injection Vulnerability In SyliusResourceBundle request parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. |
CVE-2020-15146
GHSA-h6m7-j4h3-9rf5 |
| VCID-q8qd-8pyx-jyaa | Injection Vulnerability In SyliusResourceBundle request parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. |
CVE-2020-15143
GHSA-p4pj-9g59-4ppv |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T17:23:52.662083+00:00 | GithubOSV Importer | Fixing | VCID-g1vh-b6q7-1ya7 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/08/GHSA-h6m7-j4h3-9rf5/GHSA-h6m7-j4h3-9rf5.json | 38.6.0 |
| 2026-06-04T17:23:51.698740+00:00 | GithubOSV Importer | Fixing | VCID-q8qd-8pyx-jyaa | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/08/GHSA-p4pj-9g59-4ppv/GHSA-p4pj-9g59-4ppv.json | 38.6.0 |
| 2026-06-04T16:20:10.853173+00:00 | GitLab Importer | Fixing | VCID-q8qd-8pyx-jyaa | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/sylius/resource-bundle/CVE-2020-15143.yml | 38.6.0 |
| 2026-06-04T16:20:10.766923+00:00 | GitLab Importer | Fixing | VCID-g1vh-b6q7-1ya7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/sylius/resource-bundle/CVE-2020-15146.yml | 38.6.0 |