Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/symfony/symfony@3.8.30
purl pkg:composer/symfony/symfony@3.8.30
Tags Ghost
Next non-vulnerable version 5.4.51
Latest non-vulnerable version 8.0.5
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-t2dx-5us4-mkf1
Aliases:
CVE-2017-16653
GHSA-92x6-h2gr-8gxq
Cross-Site Request Forgery (CSRF) The current implementation of CSRF protection in Symfony does not use different tokens for HTTP and HTTPS.
4.0.0
Affected by 27 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T12:47:55.016474+00:00 GitLab Importer Affected by VCID-t2dx-5us4-mkf1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/symfony/CVE-2017-16653.yml 38.0.0