Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/symfony/cache@3.3.0-BETA1
purl pkg:composer/symfony/cache@3.3.0-BETA1
Next non-vulnerable version 3.4.0
Latest non-vulnerable version 8.0.12
Risk
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-3kvp-hnpd-gbcq
Aliases:
CVE-2019-18889
GHSA-79gr-58r3-pwm3
Injection Vulnerability An issue was discovered in Symfony. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
3.4.0
Affected by 0 other vulnerabilities.
3.4.35
Affected by 0 other vulnerabilities.
4.2.12
Affected by 0 other vulnerabilities.
4.3.8
Affected by 0 other vulnerabilities.
VCID-zeut-9wfp-q7et
Aliases:
CVE-2019-10912
GHSA-w2fr-65vp-mxw3
Deserialization of Untrusted Data In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.
3.4.0
Affected by 0 other vulnerabilities.
3.4.26
Affected by 0 other vulnerabilities.
4.1.12
Affected by 2 other vulnerabilities.
4.2.7
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T20:25:39.952470+00:00 GitLab Importer Affected by VCID-3kvp-hnpd-gbcq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-18889.yml 38.6.0
2026-06-04T20:21:35.383612+00:00 GitLab Importer Affected by VCID-zeut-9wfp-q7et https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml 38.6.0