VulnerableCode Package Details - pkg:composer/symfony/security-http@8.0.12

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-31pu-2pt7-2fh2	Symfony Vulnerable to Identity Spoofing via Unanchored DN Regex in X509Authenticator	CVE-2026-45063 GHSA-ph86-p8f6-f9r2
VCID-3rs1-f6qt-vqbn	Symfony's OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims	CVE-2026-45069 GHSA-29fc-p6c4-24cg
VCID-5uge-2gtu-tkdw	Symfony's Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay	CVE-2026-45074 GHSA-j8gj-9rm5-4xhx
VCID-x5hp-7y5c-4qep	Synfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]	CVE-2026-45075 GHSA-6439-2f28-8p8q

Vulnerability

Summary

Aliases

VCID-31pu-2pt7-2fh2

Symfony Vulnerable to Identity Spoofing via Unanchored DN Regex in X509Authenticator

CVE-2026-45063
GHSA-ph86-p8f6-f9r2

VCID-3rs1-f6qt-vqbn

Symfony's OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims

CVE-2026-45069
GHSA-29fc-p6c4-24cg

VCID-5uge-2gtu-tkdw

Symfony's Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay

CVE-2026-45074
GHSA-j8gj-9rm5-4xhx

VCID-x5hp-7y5c-4qep

Synfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

CVE-2026-45075
GHSA-6439-2f28-8p8q

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T10:57:52.858417+00:00	GithubOSV Importer	Fixing	VCID-5uge-2gtu-tkdw	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-j8gj-9rm5-4xhx/GHSA-j8gj-9rm5-4xhx.json	38.6.0
2026-05-31T10:57:11.892542+00:00	GithubOSV Importer	Fixing	VCID-x5hp-7y5c-4qep	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-6439-2f28-8p8q/GHSA-6439-2f28-8p8q.json	38.6.0
2026-05-31T10:56:51.283624+00:00	GithubOSV Importer	Fixing	VCID-3rs1-f6qt-vqbn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-29fc-p6c4-24cg/GHSA-29fc-p6c4-24cg.json	38.6.0
2026-05-31T10:56:44.683055+00:00	GithubOSV Importer	Fixing	VCID-31pu-2pt7-2fh2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-ph86-p8f6-f9r2/GHSA-ph86-p8f6-f9r2.json	38.6.0
2026-05-31T01:09:06.889661+00:00	GHSA Importer	Fixing	VCID-x5hp-7y5c-4qep	https://github.com/advisories/GHSA-6439-2f28-8p8q	38.6.0
2026-05-31T01:09:06.655953+00:00	GHSA Importer	Fixing	VCID-5uge-2gtu-tkdw	https://github.com/advisories/GHSA-j8gj-9rm5-4xhx	38.6.0
2026-05-31T01:09:05.076710+00:00	GHSA Importer	Fixing	VCID-3rs1-f6qt-vqbn	https://github.com/advisories/GHSA-29fc-p6c4-24cg	38.6.0
2026-05-31T01:09:02.549869+00:00	GHSA Importer	Fixing	VCID-31pu-2pt7-2fh2	https://github.com/advisories/GHSA-ph86-p8f6-f9r2	38.6.0