Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/symfony/http-foundation@2.1.12
Typecomposer
Namespacesymfony
Namehttp-foundation
Version2.1.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.4.50
Latest_non_vulnerable_version7.3.7
Affected_by_vulnerabilities
0
url VCID-532e-g8g2-m3am
vulnerability_id VCID-532e-g8g2-m3am
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11386
reference_id
reference_type
scores
0
value 0.01086
scoring_system epss
scoring_elements 0.78314
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11386
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2403
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16652
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16652
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16653
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16654
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16654
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16790
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11385
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11386
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11406
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2018-11386.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2018-11386.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-11386.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-11386.yaml
11
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11386
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11386
16
reference_url https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
17
reference_url https://symfony.com/cve-2018-11386
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2018-11386
18
reference_url https://www.debian.org/security/2018/dsa-4262
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4262
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.7.48
purl pkg:composer/symfony/http-foundation@2.7.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-532e-g8g2-m3am
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.7.48
1
url pkg:composer/symfony/http-foundation@2.8.41
purl pkg:composer/symfony/http-foundation@2.8.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.8.41
2
url pkg:composer/symfony/http-foundation@3.3.17
purl pkg:composer/symfony/http-foundation@3.3.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-532e-g8g2-m3am
3
vulnerability VCID-6aj5-vhfg-qkgk
4
vulnerability VCID-bhuc-44kp-3fgx
5
vulnerability VCID-rp8k-1gkg-syfa
6
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@3.3.17
3
url pkg:composer/symfony/http-foundation@3.4.11
purl pkg:composer/symfony/http-foundation@3.4.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@3.4.11
4
url pkg:composer/symfony/http-foundation@4.0.11
purl pkg:composer/symfony/http-foundation@4.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@4.0.11
aliases CVE-2018-11386, GHSA-r2rq-3h56-fqm4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-532e-g8g2-m3am
1
url VCID-6aj5-vhfg-qkgk
vulnerability_id VCID-6aj5-vhfg-qkgk
summary symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50345
reference_id
reference_type
scores
0
value 0.00394
scoring_system epss
scoring_elements 0.60737
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50345
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50345
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2024-50345.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2024-50345.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50345.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50345.yaml
4
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
5
reference_url https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819
6
reference_url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/05/msg00051.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-50345
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-50345
8
reference_url https://symfony.com/cve-2024-50345
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2024-50345
9
reference_url https://github.com/advisories/GHSA-mrqx-rp3w-jpjp
reference_id GHSA-mrqx-rp3w-jpjp
reference_type
scores
url https://github.com/advisories/GHSA-mrqx-rp3w-jpjp
10
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
reference_id GHSA-mrqx-rp3w-jpjp
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:21:57Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
11
reference_url https://url.spec.whatwg.org
reference_id url.spec.whatwg.org
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:21:57Z/
url https://url.spec.whatwg.org
12
reference_url https://usn.ubuntu.com/7272-1/
reference_id USN-7272-1
reference_type
scores
url https://usn.ubuntu.com/7272-1/
fixed_packages
0
url pkg:composer/symfony/http-foundation@5.4.46
purl pkg:composer/symfony/http-foundation@5.4.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@5.4.46
1
url pkg:composer/symfony/http-foundation@6.4.14
purl pkg:composer/symfony/http-foundation@6.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@6.4.14
2
url pkg:composer/symfony/http-foundation@7.1.7
purl pkg:composer/symfony/http-foundation@7.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@7.1.7
3
url pkg:composer/symfony/http-foundation@7.2.0-BETA1
purl pkg:composer/symfony/http-foundation@7.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@7.2.0-BETA1
aliases CVE-2024-50345, GHSA-mrqx-rp3w-jpjp
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6aj5-vhfg-qkgk
2
url VCID-b6m1-dn1m-h3ge
vulnerability_id VCID-b6m1-dn1m-h3ge
summary Symfony vulnerable to denial of service via a malicious HTTP Host header
references
0
reference_url https://github.com/symfony/symfony/commit/1ee96a8b1b0987ffe2a62dca7ad268bf9edfa9b8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/1ee96a8b1b0987ffe2a62dca7ad268bf9edfa9b8
1
reference_url https://github.com/symfony/symfony/pull/11828
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/11828
2
reference_url https://symfony.com/cve-2014-5244
reference_id CVE-2014-5244
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2014-5244
3
reference_url https://symfony.com/blog/cve-2014-5244-denial-of-service-with-a-malicious-http-host-header
reference_id CVE-2014-5244-DENIAL-OF-SERVICE-WITH-A-MALICIOUS-HTTP-HOST-HEADER
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2014-5244-denial-of-service-with-a-malicious-http-host-header
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2014-5244.yaml
reference_id CVE-2014-5244.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2014-5244.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-5244.yaml
reference_id CVE-2014-5244.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-5244.yaml
6
reference_url https://github.com/advisories/GHSA-v77v-x634-9m56
reference_id GHSA-v77v-x634-9m56
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v77v-x634-9m56
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.3.19
purl pkg:composer/symfony/http-foundation@2.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.3.19
1
url pkg:composer/symfony/http-foundation@2.4.9
purl pkg:composer/symfony/http-foundation@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.4.9
2
url pkg:composer/symfony/http-foundation@2.5.0-BETA1
purl pkg:composer/symfony/http-foundation@2.5.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.0-BETA1
3
url pkg:composer/symfony/http-foundation@2.5.4
purl pkg:composer/symfony/http-foundation@2.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.4
4
url pkg:composer/symfony/http-foundation@2.5.11
purl pkg:composer/symfony/http-foundation@2.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.11
aliases CVE-2014-5244, GHSA-v77v-x634-9m56
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6m1-dn1m-h3ge
3
url VCID-bhuc-44kp-3fgx
vulnerability_id VCID-bhuc-44kp-3fgx
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14773
reference_id
reference_type
scores
0
value 0.16652
scoring_system epss
scoring_elements 0.95079
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14773
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
9
reference_url https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b
10
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
11
reference_url https://seclists.org/bugtraq/2019/May/21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/21
12
reference_url https://www.debian.org/security/2019/dsa-4441
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4441
13
reference_url https://www.drupal.org/SA-CORE-2018-005
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2018-005
14
reference_url http://www.securityfocus.com/bid/104943
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104943
15
reference_url http://www.securitytracker.com/id/1041405
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041405
16
reference_url https://security.archlinux.org/AVG-744
reference_id AVG-744
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-744
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14773
reference_id CVE-2018-14773
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14773
18
reference_url https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers
reference_id CVE-2018-14773-REMOVE-SUPPORT-FOR-LEGACY-AND-RISKY-HTTP-HEADERS
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers
19
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2018-14773.yaml
reference_id CVE-2018-14773.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2018-14773.yaml
20
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-14773.yaml
reference_id CVE-2018-14773.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-14773.yaml
21
reference_url https://github.com/advisories/GHSA-8wgj-6wx8-h5hq
reference_id GHSA-8wgj-6wx8-h5hq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8wgj-6wx8-h5hq
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.7.49
purl pkg:composer/symfony/http-foundation@2.7.49
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.7.49
1
url pkg:composer/symfony/http-foundation@2.8.44
purl pkg:composer/symfony/http-foundation@2.8.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.8.44
2
url pkg:composer/symfony/http-foundation@3.3.18
purl pkg:composer/symfony/http-foundation@3.3.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@3.3.18
3
url pkg:composer/symfony/http-foundation@3.4.14
purl pkg:composer/symfony/http-foundation@3.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@3.4.14
4
url pkg:composer/symfony/http-foundation@4.0.14
purl pkg:composer/symfony/http-foundation@4.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@4.0.14
5
url pkg:composer/symfony/http-foundation@4.1.3
purl pkg:composer/symfony/http-foundation@4.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-277x-pbyn-v7em
1
vulnerability VCID-48cj-cbs6-83d7
2
vulnerability VCID-6aj5-vhfg-qkgk
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@4.1.3
aliases CVE-2018-14773, GHSA-8wgj-6wx8-h5hq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bhuc-44kp-3fgx
4
url VCID-rp8k-1gkg-syfa
vulnerability_id VCID-rp8k-1gkg-syfa
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18888
reference_id
reference_type
scores
0
value 0.0231
scoring_system epss
scoring_elements 0.85117
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18888
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18887
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18888
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18888
3
reference_url https://github.com/symfony/symfony/releases/tag/v4.3.8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/releases/tag/v4.3.8
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/
16
reference_url https://symfony.com/blog/symfony-4-3-8-released
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/symfony-4-3-8-released
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18888
reference_id CVE-2019-18888
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18888
18
reference_url https://symfony.com/cve-2019-18888
reference_id CVE-2019-18888
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-18888
19
reference_url https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser
reference_id CVE-2019-18888-PREVENT-ARGUMENT-INJECTION-IN-A-MIMETYPEGUESSER
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser
20
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2019-18888.yaml
21
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/mime/CVE-2019-18888.yaml
22
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml
reference_id CVE-2019-18888.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-18888.yaml
23
reference_url https://github.com/advisories/GHSA-xhh6-956q-4q69
reference_id GHSA-xhh6-956q-4q69
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhh6-956q-4q69
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.8.52
purl pkg:composer/symfony/http-foundation@2.8.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48cj-cbs6-83d7
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.8.52
1
url pkg:composer/symfony/http-foundation@3.4.35
purl pkg:composer/symfony/http-foundation@3.4.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48cj-cbs6-83d7
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@3.4.35
2
url pkg:composer/symfony/http-foundation@4.2.12
purl pkg:composer/symfony/http-foundation@4.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48cj-cbs6-83d7
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@4.2.12
3
url pkg:composer/symfony/http-foundation@4.3.8
purl pkg:composer/symfony/http-foundation@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48cj-cbs6-83d7
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@4.3.8
aliases CVE-2019-18888, GHSA-xhh6-956q-4q69
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp8k-1gkg-syfa
5
url VCID-ybs8-7wz2-quc4
vulnerability_id VCID-ybs8-7wz2-quc4
summary Symfony has a security issue when parsing the Authorization header
references
0
reference_url https://github.com/symfony/symfony/commit/3b4046e89467dc1fb5e079e377c2cfd4c239f904
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/3b4046e89467dc1fb5e079e377c2cfd4c239f904
1
reference_url https://github.com/symfony/symfony/pull/11829
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/11829
2
reference_url https://symfony.com/cve-2014-6061
reference_id CVE-2014-6061
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2014-6061
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2014-6061.yaml
reference_id CVE-2014-6061.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2014-6061.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6061.yaml
reference_id CVE-2014-6061.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2014-6061.yaml
5
reference_url https://github.com/advisories/GHSA-h7v2-2qwg-h829
reference_id GHSA-h7v2-2qwg-h829
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h7v2-2qwg-h829
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.3.19
purl pkg:composer/symfony/http-foundation@2.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.3.19
1
url pkg:composer/symfony/http-foundation@2.4.9
purl pkg:composer/symfony/http-foundation@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.4.9
2
url pkg:composer/symfony/http-foundation@2.5.0-BETA1
purl pkg:composer/symfony/http-foundation@2.5.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.0-BETA1
3
url pkg:composer/symfony/http-foundation@2.5.4
purl pkg:composer/symfony/http-foundation@2.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-yu7n-cv95-abc7
5
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.4
4
url pkg:composer/symfony/http-foundation@2.5.11
purl pkg:composer/symfony/http-foundation@2.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.11
aliases CVE-2014-6061, GHSA-h7v2-2qwg-h829
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybs8-7wz2-quc4
6
url VCID-yu7n-cv95-abc7
vulnerability_id VCID-yu7n-cv95-abc7
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2309
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2309
1
reference_url https://github.com/symfony/symfony/commit/6c73f0ce9302a0091bbfbb96f317e400ce16ef84
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/6c73f0ce9302a0091bbfbb96f317e400ce16ef84
2
reference_url https://github.com/symfony/symfony/pull/14166
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/14166
3
reference_url https://symfony.com/cve-2015-2309
reference_id CVE-2015-2309
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2015-2309
4
reference_url http://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class
reference_id CVE-2015-2309-UNSAFE-METHODS-IN-THE-REQUEST-CLASS
reference_type
scores
url http://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2015-2309.yaml
reference_id CVE-2015-2309.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2015-2309.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2015-2309.yaml
reference_id CVE-2015-2309.YAML
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2015-2309.yaml
7
reference_url https://github.com/advisories/GHSA-p684-f7fh-jv2j
reference_id GHSA-p684-f7fh-jv2j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p684-f7fh-jv2j
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.3.27
purl pkg:composer/symfony/http-foundation@2.3.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.3.27
1
url pkg:composer/symfony/http-foundation@2.3.29
purl pkg:composer/symfony/http-foundation@2.3.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-b6m1-dn1m-h3ge
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-ybs8-7wz2-quc4
6
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.3.29
2
url pkg:composer/symfony/http-foundation@2.5.11
purl pkg:composer/symfony/http-foundation@2.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.5.11
3
url pkg:composer/symfony/http-foundation@2.6.6
purl pkg:composer/symfony/http-foundation@2.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.6.6
4
url pkg:composer/symfony/http-foundation@2.6.8
purl pkg:composer/symfony/http-foundation@2.6.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-bhuc-44kp-3fgx
3
vulnerability VCID-rp8k-1gkg-syfa
4
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.6.8
aliases CVE-2015-2309, GHSA-p684-f7fh-jv2j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yu7n-cv95-abc7
7
url VCID-zws9-ffpd-5ffw
vulnerability_id VCID-zws9-ffpd-5ffw
summary Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony's HttpFoundation component defines an object-oriented layer for the HTTP specification. Starting in version 2.0.0 and prior to version 5.4.50, 6.4.29, and 7.3.7, the `Request` class improperly interprets some `PATH_INFO` in a way that leads to representing some URLs with a path that doesn't start with a `/`. This can allow bypassing some access control rules that are built with this `/`-prefix assumption. Starting in versions 5.4.50, 6.4.29, and 7.3.7, the `Request` class now ensures that URL paths always start with a `/`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64500
reference_id
reference_type
scores
0
value 0.06307
scoring_system epss
scoring_elements 0.91154
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64500
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64500
2
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
3
reference_url https://github.com/symfony/symfony/commit/9962b91b12bb791322fa73836b350836b6db7cac
reference_id 9962b91b12bb791322fa73836b350836b6db7cac
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/symfony/symfony/commit/9962b91b12bb791322fa73836b350836b6db7cac
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64500
reference_id CVE-2025-64500
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64500
5
reference_url https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
reference_id cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2025-64500.yaml
reference_id CVE-2025-64500.yaml
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2025-64500.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2025-64500.yaml
reference_id CVE-2025-64500.yaml
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2025-64500.yaml
8
reference_url https://github.com/advisories/GHSA-3rg7-wf37-54rm
reference_id GHSA-3rg7-wf37-54rm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rg7-wf37-54rm
9
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-3rg7-wf37-54rm
reference_id GHSA-3rg7-wf37-54rm
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:50:43Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-3rg7-wf37-54rm
fixed_packages
0
url pkg:composer/symfony/http-foundation@5.4.50
purl pkg:composer/symfony/http-foundation@5.4.50
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@5.4.50
1
url pkg:composer/symfony/http-foundation@6.4.29
purl pkg:composer/symfony/http-foundation@6.4.29
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@6.4.29
2
url pkg:composer/symfony/http-foundation@7.3.7
purl pkg:composer/symfony/http-foundation@7.3.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@7.3.7
aliases CVE-2025-64500, GHSA-3rg7-wf37-54rm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zws9-ffpd-5ffw
Fixing_vulnerabilities
0
url VCID-a3d8-ejjy-uyhs
vulnerability_id VCID-a3d8-ejjy-uyhs
summary Symfony Host Header Injection vulnerability in the HttpFoundation component
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4752
reference_id
reference_type
scores
0
value 0.00928
scoring_system epss
scoring_elements 0.76528
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4752
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86365
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86365
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86366
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86366
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86367
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86367
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86368
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86368
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86369
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86369
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86370
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86370
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86371
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86371
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86372
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86372
12
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86373
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86373
13
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86374
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86374
14
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
15
reference_url https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released
16
reference_url https://web.archive.org/web/20130901060826/http://www.securityfocus.com/bid/61715
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130901060826/http://www.securityfocus.com/bid/61715
17
reference_url http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4752
reference_id CVE-2013-4752
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4752
19
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2013-4752.yaml
reference_id CVE-2013-4752.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2013-4752.yaml
20
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-4752.yaml
reference_id CVE-2013-4752.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2013-4752.yaml
21
reference_url https://github.com/advisories/GHSA-22pv-7v9j-hqxp
reference_id GHSA-22pv-7v9j-hqxp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-22pv-7v9j-hqxp
fixed_packages
0
url pkg:composer/symfony/http-foundation@2.0.24
purl pkg:composer/symfony/http-foundation@2.0.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-b6m1-dn1m-h3ge
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-ybs8-7wz2-quc4
6
vulnerability VCID-yu7n-cv95-abc7
7
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.0.24
1
url pkg:composer/symfony/http-foundation@2.1.12
purl pkg:composer/symfony/http-foundation@2.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-b6m1-dn1m-h3ge
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-ybs8-7wz2-quc4
6
vulnerability VCID-yu7n-cv95-abc7
7
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.1.12
2
url pkg:composer/symfony/http-foundation@2.2.5
purl pkg:composer/symfony/http-foundation@2.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-b6m1-dn1m-h3ge
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-ybs8-7wz2-quc4
6
vulnerability VCID-yu7n-cv95-abc7
7
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.2.5
3
url pkg:composer/symfony/http-foundation@2.3.3
purl pkg:composer/symfony/http-foundation@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-532e-g8g2-m3am
1
vulnerability VCID-6aj5-vhfg-qkgk
2
vulnerability VCID-b6m1-dn1m-h3ge
3
vulnerability VCID-bhuc-44kp-3fgx
4
vulnerability VCID-rp8k-1gkg-syfa
5
vulnerability VCID-ybs8-7wz2-quc4
6
vulnerability VCID-yu7n-cv95-abc7
7
vulnerability VCID-zws9-ffpd-5ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.3.3
aliases CVE-2013-4752, GHSA-22pv-7v9j-hqxp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3d8-ejjy-uyhs
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/symfony/http-foundation@2.1.12