Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/symfony/webhook@6.3.8
purl pkg:composer/symfony/webhook@6.3.8
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-znfv-ngqc-fudw Cross-site scripting Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now does not return any user-submitted input in its response. CVE-2023-46735
GHSA-72x2-5c85-6wmr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:43:07.252340+00:00 GitLab Importer Fixing VCID-znfv-ngqc-fudw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/webhook/CVE-2023-46735.yml 38.4.0
2026-04-12T00:02:41.026909+00:00 GitLab Importer Fixing VCID-znfv-ngqc-fudw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/webhook/CVE-2023-46735.yml 38.3.0
2026-04-03T00:05:40.735686+00:00 GitLab Importer Fixing VCID-znfv-ngqc-fudw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/webhook/CVE-2023-46735.yml 38.1.0
2026-04-02T17:00:40.887004+00:00 GHSA Importer Fixing VCID-znfv-ngqc-fudw https://github.com/advisories/GHSA-72x2-5c85-6wmr 38.1.0
2026-04-01T12:58:47.585181+00:00 GithubOSV Importer Fixing VCID-znfv-ngqc-fudw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-72x2-5c85-6wmr/GHSA-72x2-5c85-6wmr.json 38.0.0
2026-04-01T12:52:06.289018+00:00 GitLab Importer Fixing VCID-znfv-ngqc-fudw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/webhook/CVE-2023-46735.yml 38.0.0