Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-kqcd-f4vt-r7g8
Summary
Session Fixation
`Symfony/SecurityBundle` is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore.
Aliases
0
alias CVE-2021-41268
1
alias GHSA-qw36-p97w-vcqr
Fixed_packages
0
url pkg:composer/symfony/security-bundle@5.3.12
purl pkg:composer/symfony/security-bundle@5.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.12
1
url pkg:composer/symfony/security-bundle@5.4.0-BETA1
purl pkg:composer/symfony/security-bundle@5.4.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.4.0-BETA1
2
url pkg:composer/symfony/security-http@5.4.0-BETA1
purl pkg:composer/symfony/security-http@5.4.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-sbsb-u8u5-4bcm
2
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.0-BETA1
3
url pkg:composer/symfony/security-http@5.4.0
purl pkg:composer/symfony/security-http@5.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-sbsb-u8u5-4bcm
2
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.0
4
url pkg:composer/symfony/symfony@5.3.12
purl pkg:composer/symfony/symfony@5.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-kgu6-gj5d-7bfx
7
vulnerability VCID-p1dw-w76f-gbfv
8
vulnerability VCID-qwcj-hq3g-2qd7
9
vulnerability VCID-rgh3-ef8t-k3ec
10
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.12
5
url pkg:composer/symfony/symfony@5.4.0-BETA1
purl pkg:composer/symfony/symfony@5.4.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-kgu6-gj5d-7bfx
7
vulnerability VCID-p1dw-w76f-gbfv
8
vulnerability VCID-rgh3-ef8t-k3ec
9
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.0-BETA1
6
url pkg:deb/debian/symfony@0?distro=trixie
purl pkg:deb/debian/symfony@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@0%3Fdistro=trixie
7
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p1dw-w76f-gbfv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6%3Fdistro=trixie
8
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5%3Fdistro=trixie
9
url pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.21%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie
10
url pkg:deb/debian/symfony@7.4.7%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.7%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.7%252Bdfsg-1%3Fdistro=trixie
11
url pkg:deb/debian/symfony@7.4.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.8%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.8%252Bdfsg-1%3Fdistro=trixie
12
url pkg:deb/debian/symfony@7.4.9%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.9%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.9%252Bdfsg-1%3Fdistro=trixie
13
url pkg:deb/debian/symfony@7.4.10%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.10%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.10%252Bdfsg-1%3Fdistro=trixie
Affected_packages
0
url pkg:composer/symfony/security@5.3.0
purl pkg:composer/symfony/security@5.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security@5.3.0
1
url pkg:composer/symfony/security-bundle@5.3.0
purl pkg:composer/symfony/security-bundle@5.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.0
2
url pkg:composer/symfony/security-bundle@5.3.2
purl pkg:composer/symfony/security-bundle@5.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.2
3
url pkg:composer/symfony/security-bundle@5.3.3
purl pkg:composer/symfony/security-bundle@5.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.3
4
url pkg:composer/symfony/security-bundle@5.3.4
purl pkg:composer/symfony/security-bundle@5.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.4
5
url pkg:composer/symfony/security-bundle@5.3.7
purl pkg:composer/symfony/security-bundle@5.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.7
6
url pkg:composer/symfony/security-bundle@5.3.8
purl pkg:composer/symfony/security-bundle@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.8
7
url pkg:composer/symfony/security-bundle@5.3.11
purl pkg:composer/symfony/security-bundle@5.3.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kqcd-f4vt-r7g8
1
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-bundle@5.3.11
8
url pkg:composer/symfony/security-http@5.3.0
purl pkg:composer/symfony/security-http@5.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ts3-y5j2-vufe
1
vulnerability VCID-bdhj-np35-sybt
2
vulnerability VCID-kqcd-f4vt-r7g8
3
vulnerability VCID-n3d2-zwve-gbf5
4
vulnerability VCID-sbsb-u8u5-4bcm
5
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.0
9
url pkg:composer/symfony/security-http@5.3.1
purl pkg:composer/symfony/security-http@5.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ts3-y5j2-vufe
1
vulnerability VCID-bdhj-np35-sybt
2
vulnerability VCID-kqcd-f4vt-r7g8
3
vulnerability VCID-n3d2-zwve-gbf5
4
vulnerability VCID-sbsb-u8u5-4bcm
5
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.1
10
url pkg:composer/symfony/security-http@5.3.2
purl pkg:composer/symfony/security-http@5.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.2
11
url pkg:composer/symfony/security-http@5.3.3
purl pkg:composer/symfony/security-http@5.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.3
12
url pkg:composer/symfony/security-http@5.3.4
purl pkg:composer/symfony/security-http@5.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.4
13
url pkg:composer/symfony/security-http@5.3.6
purl pkg:composer/symfony/security-http@5.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.6
14
url pkg:composer/symfony/security-http@5.3.7
purl pkg:composer/symfony/security-http@5.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.7
15
url pkg:composer/symfony/security-http@5.3.8
purl pkg:composer/symfony/security-http@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.8
16
url pkg:composer/symfony/security-http@5.3.10
purl pkg:composer/symfony/security-http@5.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.10
17
url pkg:composer/symfony/security-http@5.3.11
purl pkg:composer/symfony/security-http@5.3.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bdhj-np35-sybt
1
vulnerability VCID-kqcd-f4vt-r7g8
2
vulnerability VCID-n3d2-zwve-gbf5
3
vulnerability VCID-sbsb-u8u5-4bcm
4
vulnerability VCID-v4rq-bsry-puct
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.3.11
18
url pkg:composer/symfony/symfony@5.3.0
purl pkg:composer/symfony/symfony@5.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ts3-y5j2-vufe
1
vulnerability VCID-4num-z8cg-83gt
2
vulnerability VCID-8kq8-2mv9-s3ad
3
vulnerability VCID-9bzz-84cq-ykh2
4
vulnerability VCID-bdhj-np35-sybt
5
vulnerability VCID-c8ar-82sr-fqej
6
vulnerability VCID-en6a-wp7q-fbfs
7
vulnerability VCID-j2su-wjra-tbh1
8
vulnerability VCID-kgu6-gj5d-7bfx
9
vulnerability VCID-kqcd-f4vt-r7g8
10
vulnerability VCID-n3d2-zwve-gbf5
11
vulnerability VCID-p1dw-w76f-gbfv
12
vulnerability VCID-qwcj-hq3g-2qd7
13
vulnerability VCID-rgh3-ef8t-k3ec
14
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.0
19
url pkg:composer/symfony/symfony@5.3.1
purl pkg:composer/symfony/symfony@5.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.1
20
url pkg:composer/symfony/symfony@5.3.2
purl pkg:composer/symfony/symfony@5.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.2
21
url pkg:composer/symfony/symfony@5.3.3
purl pkg:composer/symfony/symfony@5.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.3
22
url pkg:composer/symfony/symfony@5.3.4
purl pkg:composer/symfony/symfony@5.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.4
23
url pkg:composer/symfony/symfony@5.3.5
purl pkg:composer/symfony/symfony@5.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.5
24
url pkg:composer/symfony/symfony@5.3.6
purl pkg:composer/symfony/symfony@5.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.6
25
url pkg:composer/symfony/symfony@5.3.7
purl pkg:composer/symfony/symfony@5.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.7
26
url pkg:composer/symfony/symfony@5.3.8
purl pkg:composer/symfony/symfony@5.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.8
27
url pkg:composer/symfony/symfony@5.3.9
purl pkg:composer/symfony/symfony@5.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.9
28
url pkg:composer/symfony/symfony@5.3.10
purl pkg:composer/symfony/symfony@5.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.10
29
url pkg:composer/symfony/symfony@5.3.11
purl pkg:composer/symfony/symfony@5.3.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4num-z8cg-83gt
1
vulnerability VCID-8kq8-2mv9-s3ad
2
vulnerability VCID-9bzz-84cq-ykh2
3
vulnerability VCID-bdhj-np35-sybt
4
vulnerability VCID-c8ar-82sr-fqej
5
vulnerability VCID-en6a-wp7q-fbfs
6
vulnerability VCID-j2su-wjra-tbh1
7
vulnerability VCID-kgu6-gj5d-7bfx
8
vulnerability VCID-kqcd-f4vt-r7g8
9
vulnerability VCID-n3d2-zwve-gbf5
10
vulnerability VCID-p1dw-w76f-gbfv
11
vulnerability VCID-qwcj-hq3g-2qd7
12
vulnerability VCID-rgh3-ef8t-k3ec
13
vulnerability VCID-thtp-ehsj-t3ej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.3.11
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41268
reference_id
reference_type
scores
0
value 0.00476
scoring_system epss
scoring_elements 0.65039
published_at 2026-05-14T12:55:00Z
1
value 0.00476
scoring_system epss
scoring_elements 0.64778
published_at 2026-04-01T12:55:00Z
2
value 0.00476
scoring_system epss
scoring_elements 0.64828
published_at 2026-04-02T12:55:00Z
3
value 0.00476
scoring_system epss
scoring_elements 0.64855
published_at 2026-04-04T12:55:00Z
4
value 0.00476
scoring_system epss
scoring_elements 0.64818
published_at 2026-04-07T12:55:00Z
5
value 0.00476
scoring_system epss
scoring_elements 0.64868
published_at 2026-04-08T12:55:00Z
6
value 0.00476
scoring_system epss
scoring_elements 0.64883
published_at 2026-04-09T12:55:00Z
7
value 0.00476
scoring_system epss
scoring_elements 0.649
published_at 2026-04-16T12:55:00Z
8
value 0.00476
scoring_system epss
scoring_elements 0.64891
published_at 2026-04-12T12:55:00Z
9
value 0.00476
scoring_system epss
scoring_elements 0.64863
published_at 2026-04-13T12:55:00Z
10
value 0.00476
scoring_system epss
scoring_elements 0.64911
published_at 2026-04-18T12:55:00Z
11
value 0.00476
scoring_system epss
scoring_elements 0.64896
published_at 2026-04-21T12:55:00Z
12
value 0.00476
scoring_system epss
scoring_elements 0.64914
published_at 2026-04-24T12:55:00Z
13
value 0.00476
scoring_system epss
scoring_elements 0.64927
published_at 2026-04-26T12:55:00Z
14
value 0.00476
scoring_system epss
scoring_elements 0.64922
published_at 2026-04-29T12:55:00Z
15
value 0.00476
scoring_system epss
scoring_elements 0.64903
published_at 2026-05-05T12:55:00Z
16
value 0.00476
scoring_system epss
scoring_elements 0.6495
published_at 2026-05-07T12:55:00Z
17
value 0.00476
scoring_system epss
scoring_elements 0.64992
published_at 2026-05-09T12:55:00Z
18
value 0.00476
scoring_system epss
scoring_elements 0.64962
published_at 2026-05-11T12:55:00Z
19
value 0.00476
scoring_system epss
scoring_elements 0.64982
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41268
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2021-41268.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2021-41268.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2021-41268.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2021-41268.yaml
3
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
4
reference_url https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc
5
reference_url https://github.com/symfony/symfony/pull/44243
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/pull/44243
6
reference_url https://github.com/symfony/symfony/releases/tag/v5.3.12
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/releases/tag/v5.3.12
7
reference_url https://symfony.com/cve-2021-41268
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2021-41268
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41268
reference_id CVE-2021-41268
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41268
9
reference_url https://github.com/advisories/GHSA-qw36-p97w-vcqr
reference_id GHSA-qw36-p97w-vcqr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw36-p97w-vcqr
10
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr
reference_id GHSA-qw36-p97w-vcqr
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 384
name Session Fixation
description Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-kqcd-f4vt-r7g8