VulnerableCode Package Details - pkg:composer/symfony/cache@4.2.7

Search for packages

Vulnerability	Summary	Fixed by
VCID-9rsx-fscb-6fh3 Aliases: CVE-2019-18889 GHSA-79gr-58r3-pwm3	Symfony Unsafe Cache Serialization Could Enable RCE An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.	4.2.12 Affected by 0 other vulnerabilities. 4.3.8 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-9rsx-fscb-6fh3
Aliases:
CVE-2019-18889
GHSA-79gr-58r3-pwm3

Symfony Unsafe Cache Serialization Could Enable RCE An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.

4.2.12
Affected by 0 other vulnerabilities.

4.3.8
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4mkw-tv16-jyca	Deserialization of Untrusted Data In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.	CVE-2019-10912 GHSA-w2fr-65vp-mxw3

Vulnerability

Summary

Aliases

VCID-4mkw-tv16-jyca

Deserialization of Untrusted Data In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.

CVE-2019-10912
GHSA-w2fr-65vp-mxw3

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:58:54.947275+00:00	GitLab Importer	Affected by	VCID-9rsx-fscb-6fh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-18889.yml	38.4.0
2026-04-16T20:54:21.974377+00:00	GitLab Importer	Fixing	VCID-4mkw-tv16-jyca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml	38.4.0
2026-04-11T22:10:06.047513+00:00	GitLab Importer	Affected by	VCID-9rsx-fscb-6fh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-18889.yml	38.3.0
2026-04-11T22:05:19.954477+00:00	GitLab Importer	Fixing	VCID-4mkw-tv16-jyca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml	38.3.0
2026-04-02T22:22:42.031025+00:00	GitLab Importer	Affected by	VCID-9rsx-fscb-6fh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-18889.yml	38.1.0
2026-04-02T22:18:12.278652+00:00	GitLab Importer	Fixing	VCID-4mkw-tv16-jyca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml	38.1.0
2026-04-01T16:40:28.477393+00:00	GitLab Importer	Affected by	VCID-9rsx-fscb-6fh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-18889.yml	38.0.0
2026-04-01T15:57:55.554269+00:00	GHSA Importer	Fixing	VCID-4mkw-tv16-jyca	https://github.com/advisories/GHSA-w2fr-65vp-mxw3	38.0.0
2026-04-01T13:00:06.895501+00:00	GithubOSV Importer	Fixing	VCID-4mkw-tv16-jyca	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/02/GHSA-w2fr-65vp-mxw3/GHSA-w2fr-65vp-mxw3.json	38.0.0
2026-04-01T12:48:28.223593+00:00	GitLab Importer	Fixing	VCID-4mkw-tv16-jyca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml	38.0.0