Search for packages
| purl | pkg:composer/symfony/security-http@4.2.0-BETA2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-23hr-yznx-c3fb
Aliases: CVE-2019-10911 GHSA-cchx-mfrc-fwqr |
Improper Authentication In Symfony, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. |
Affected by 1 other vulnerability. |
|
VCID-kktw-gsen-jyd8
Aliases: CVE-2019-18886 GHSA-4vpc-5jx4-cfqg |
Information Exposure An issue was discovered in Symfony. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:25:44.247776+00:00 | GitLab Importer | Affected by | VCID-kktw-gsen-jyd8 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-http/CVE-2019-18886.yml | 38.6.0 |
| 2026-06-04T20:21:39.953522+00:00 | GitLab Importer | Affected by | VCID-23hr-yznx-c3fb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-http/CVE-2019-10911.yml | 38.6.0 |