Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/symfony@3.4.22%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/symfony@3.4.22%2Bdfsg-2?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-3uu1-kftu-nbhd SQL Injection In Symfony HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. CVE-2019-10913
GHSA-x92h-wmg2-6hp7
VCID-4mkw-tv16-jyca Deserialization of Untrusted Data In Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. CVE-2019-10912
GHSA-w2fr-65vp-mxw3
VCID-636u-5bdw-puh4 Cross-site Scripting In Symfony, validation messages are not escaped, which can lead to XSS when user input is included. CVE-2019-10909
GHSA-g996-q5r8-w7g2
VCID-7sm1-74du-47gc Symfony Service IDs Allow Injection In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection. CVE-2019-10910
GHSA-pgwj-prpq-jpc2
VCID-bpkv-qrmp-huac Improper Authentication In Symfony, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. CVE-2019-10911
GHSA-cchx-mfrc-fwqr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:14:21.225682+00:00 Debian Importer Fixing VCID-4mkw-tv16-jyca https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:28:23.058629+00:00 Debian Importer Fixing VCID-636u-5bdw-puh4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:26:19.442152+00:00 Debian Importer Fixing VCID-3uu1-kftu-nbhd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:53:31.849441+00:00 Debian Importer Fixing VCID-bpkv-qrmp-huac https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:44:19.178831+00:00 Debian Importer Fixing VCID-7sm1-74du-47gc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:06:56.001807+00:00 Debian Importer Fixing VCID-4mkw-tv16-jyca https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:19:01.348231+00:00 Debian Importer Fixing VCID-636u-5bdw-puh4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:17:52.598056+00:00 Debian Importer Fixing VCID-3uu1-kftu-nbhd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:58:01.864160+00:00 Debian Importer Fixing VCID-bpkv-qrmp-huac https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:52:13.901093+00:00 Debian Importer Fixing VCID-7sm1-74du-47gc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:53:42.289045+00:00 Debian Importer Fixing VCID-3uu1-kftu-nbhd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:42.247880+00:00 Debian Importer Fixing VCID-4mkw-tv16-jyca https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:42.206092+00:00 Debian Importer Fixing VCID-bpkv-qrmp-huac https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:42.161189+00:00 Debian Importer Fixing VCID-7sm1-74du-47gc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:42.119918+00:00 Debian Importer Fixing VCID-636u-5bdw-puh4 https://security-tracker.debian.org/tracker/data/json 38.1.0