VulnerableCode Package Details - pkg:deb/debian/symfony@6.4.10%2Bdfsg-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/symfony@6.4.10%2Bdfsg-1?distro=trixie

purl	pkg:deb/debian/symfony@6.4.10%2Bdfsg-1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-pdcr-fsbk-63bx	Symfony's `Security::login` does not take into account custom `user_checker` ### Description The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. ### Resolution The `Security::login` method now ensure to call the configured `user_checker`. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105) for branch 6.4. ### Credits We would like to thank Oleg Andreyev, Antoine MAKDESSI for reporting the issue and Christian Flothmann for providing the fix.	CVE-2024-50341 GHSA-jxgr-3v7q-3w9v

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:45:35.753433+00:00	Debian Importer	Fixing	VCID-pdcr-fsbk-63bx	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:16:39.070580+00:00	Debian Importer	Fixing	VCID-pdcr-fsbk-63bx	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:53:43.331940+00:00	Debian Importer	Fixing	VCID-pdcr-fsbk-63bx	https://security-tracker.debian.org/tracker/data/json	38.1.0