Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-v78k-j32n-vyac
Summary
Symfony possible session fixation vulnerability
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier does not change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated.
Aliases
0
alias CVE-2023-46733
1
alias GHSA-m2wj-r6g3-fxfx
Fixed_packages
0
url pkg:composer/symfony/security-http@5.4.31
purl pkg:composer/symfony/security-http@5.4.31
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.31
1
url pkg:composer/symfony/security-http@6.3.8
purl pkg:composer/symfony/security-http@6.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.8
2
url pkg:composer/symfony/serializer@5.4.31
purl pkg:composer/symfony/serializer@5.4.31
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.31
3
url pkg:composer/symfony/serializer@6.3.8
purl pkg:composer/symfony/serializer@6.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.8
4
url pkg:composer/symfony/symfony@6.4.0-BETA1
purl pkg:composer/symfony/symfony@6.4.0-BETA1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.4.0-BETA1
5
url pkg:composer/symfony/symfony@5.4.31
purl pkg:composer/symfony/symfony@5.4.31
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.31
6
url pkg:composer/symfony/symfony@6.0.0-BETA1
purl pkg:composer/symfony/symfony@6.0.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.0.0-BETA1
7
url pkg:composer/symfony/symfony@6.3.8
purl pkg:composer/symfony/symfony@6.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.8
8
url pkg:deb/debian/symfony@0?distro=trixie
purl pkg:deb/debian/symfony@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@0%3Fdistro=trixie
9
url pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/symfony@4.4.19%2Bdfsg-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-9cfq-wdcw-13f8
3
vulnerability VCID-brbn-9szp-2ubx
4
vulnerability VCID-buyw-5tjv-myem
5
vulnerability VCID-cfca-cgne-4fev
6
vulnerability VCID-d7r9-9h57-5yen
7
vulnerability VCID-gd71-zeaf-zqbr
8
vulnerability VCID-kxff-fp12-qfcu
9
vulnerability VCID-mqjv-9ptq-q3g9
10
vulnerability VCID-mzxb-ryz7-xbev
11
vulnerability VCID-nsrm-u4km-qqa1
12
vulnerability VCID-qscu-huud-4fbz
13
vulnerability VCID-styq-7bbp-pbf6
14
vulnerability VCID-usft-rqta-eyhg
15
vulnerability VCID-wv5b-2644-w3gf
16
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@4.4.19%252Bdfsg-2%252Bdeb11u6%3Fdistro=trixie
10
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
11
url pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/symfony@5.4.23%2Bdfsg-1%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-9cfq-wdcw-13f8
2
vulnerability VCID-brbn-9szp-2ubx
3
vulnerability VCID-buyw-5tjv-myem
4
vulnerability VCID-cfca-cgne-4fev
5
vulnerability VCID-d7r9-9h57-5yen
6
vulnerability VCID-gd71-zeaf-zqbr
7
vulnerability VCID-kxff-fp12-qfcu
8
vulnerability VCID-mzxb-ryz7-xbev
9
vulnerability VCID-nsrm-u4km-qqa1
10
vulnerability VCID-qscu-huud-4fbz
11
vulnerability VCID-styq-7bbp-pbf6
12
vulnerability VCID-usft-rqta-eyhg
13
vulnerability VCID-wv5b-2644-w3gf
14
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.23%252Bdfsg-1%252Bdeb12u5%3Fdistro=trixie
12
url pkg:deb/debian/symfony@5.4.31%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@5.4.31%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@5.4.31%252Bdfsg-1%3Fdistro=trixie
13
url pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/symfony@6.4.21%2Bdfsg-2%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-31pu-2pt7-2fh2
1
vulnerability VCID-3rs1-f6qt-vqbn
2
vulnerability VCID-4e6m-3qj2-67ag
3
vulnerability VCID-4ufx-41vp-ducg
4
vulnerability VCID-5113-3b42-j3eh
5
vulnerability VCID-5qmw-a84t-dfge
6
vulnerability VCID-8akz-87u4-7uh9
7
vulnerability VCID-8vur-b48u-pqeu
8
vulnerability VCID-9cfq-wdcw-13f8
9
vulnerability VCID-brbn-9szp-2ubx
10
vulnerability VCID-btxp-ywr3-ukgj
11
vulnerability VCID-buyw-5tjv-myem
12
vulnerability VCID-cfca-cgne-4fev
13
vulnerability VCID-d7r9-9h57-5yen
14
vulnerability VCID-fh6h-dyx9-83h1
15
vulnerability VCID-gd71-zeaf-zqbr
16
vulnerability VCID-kxff-fp12-qfcu
17
vulnerability VCID-mzxb-ryz7-xbev
18
vulnerability VCID-nsrm-u4km-qqa1
19
vulnerability VCID-qscu-huud-4fbz
20
vulnerability VCID-styq-7bbp-pbf6
21
vulnerability VCID-usft-rqta-eyhg
22
vulnerability VCID-wv5b-2644-w3gf
23
vulnerability VCID-ya1e-7bph-pqgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@6.4.21%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie
14
url pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/symfony@7.4.13%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/symfony@7.4.13%252Bdfsg-1%3Fdistro=trixie
Affected_packages
0
url pkg:composer/symfony/security-http@5.4.22
purl pkg:composer/symfony/security-http@5.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.22
1
url pkg:composer/symfony/security-http@5.4.23
purl pkg:composer/symfony/security-http@5.4.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.23
2
url pkg:composer/symfony/security-http@5.4.26
purl pkg:composer/symfony/security-http@5.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.26
3
url pkg:composer/symfony/security-http@5.4.28
purl pkg:composer/symfony/security-http@5.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.28
4
url pkg:composer/symfony/security-http@5.4.30
purl pkg:composer/symfony/security-http@5.4.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.30
5
url pkg:composer/symfony/security-http@6.2.10
purl pkg:composer/symfony/security-http@6.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.2.10
6
url pkg:composer/symfony/security-http@6.2.11
purl pkg:composer/symfony/security-http@6.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.2.11
7
url pkg:composer/symfony/security-http@6.2.13
purl pkg:composer/symfony/security-http@6.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.2.13
8
url pkg:composer/symfony/security-http@6.2.8
purl pkg:composer/symfony/security-http@6.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.2.8
9
url pkg:composer/symfony/security-http@6.3.0-BETA1
purl pkg:composer/symfony/security-http@6.3.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.0-BETA1
10
url pkg:composer/symfony/security-http@6.3.0-RC1
purl pkg:composer/symfony/security-http@6.3.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.0-RC1
11
url pkg:composer/symfony/security-http@6.3.1
purl pkg:composer/symfony/security-http@6.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.1
12
url pkg:composer/symfony/security-http@6.3.2
purl pkg:composer/symfony/security-http@6.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.2
13
url pkg:composer/symfony/security-http@6.3.4
purl pkg:composer/symfony/security-http@6.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.4
14
url pkg:composer/symfony/security-http@6.3.5
purl pkg:composer/symfony/security-http@6.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.5
15
url pkg:composer/symfony/security-http@6.3.6
purl pkg:composer/symfony/security-http@6.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.6
16
url pkg:composer/symfony/security-http@5.4.21
purl pkg:composer/symfony/security-http@5.4.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@5.4.21
17
url pkg:composer/symfony/security-http@6.2.7
purl pkg:composer/symfony/security-http@6.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.2.7
18
url pkg:composer/symfony/security-http@6.3.0
purl pkg:composer/symfony/security-http@6.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rs1-f6qt-vqbn
1
vulnerability VCID-mxta-zqzb-nfbv
2
vulnerability VCID-pnq6-u1q3-ebff
3
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/security-http@6.3.0
19
url pkg:composer/symfony/serializer@5.4.22
purl pkg:composer/symfony/serializer@5.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.22
20
url pkg:composer/symfony/serializer@5.4.23
purl pkg:composer/symfony/serializer@5.4.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.23
21
url pkg:composer/symfony/serializer@5.4.24
purl pkg:composer/symfony/serializer@5.4.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.24
22
url pkg:composer/symfony/serializer@5.4.25
purl pkg:composer/symfony/serializer@5.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.25
23
url pkg:composer/symfony/serializer@5.4.26
purl pkg:composer/symfony/serializer@5.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.26
24
url pkg:composer/symfony/serializer@5.4.28
purl pkg:composer/symfony/serializer@5.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.28
25
url pkg:composer/symfony/serializer@5.4.29
purl pkg:composer/symfony/serializer@5.4.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.29
26
url pkg:composer/symfony/serializer@5.4.30
purl pkg:composer/symfony/serializer@5.4.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.30
27
url pkg:composer/symfony/serializer@6.2.10
purl pkg:composer/symfony/serializer@6.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.10
28
url pkg:composer/symfony/serializer@6.2.11
purl pkg:composer/symfony/serializer@6.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.11
29
url pkg:composer/symfony/serializer@6.2.12
purl pkg:composer/symfony/serializer@6.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.12
30
url pkg:composer/symfony/serializer@6.2.13
purl pkg:composer/symfony/serializer@6.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.13
31
url pkg:composer/symfony/serializer@6.2.8
purl pkg:composer/symfony/serializer@6.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.8
32
url pkg:composer/symfony/serializer@6.3.0
purl pkg:composer/symfony/serializer@6.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.0
33
url pkg:composer/symfony/serializer@6.3.0-BETA1
purl pkg:composer/symfony/serializer@6.3.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.0-BETA1
34
url pkg:composer/symfony/serializer@6.3.0-BETA2
purl pkg:composer/symfony/serializer@6.3.0-BETA2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.0-BETA2
35
url pkg:composer/symfony/serializer@6.3.0-BETA3
purl pkg:composer/symfony/serializer@6.3.0-BETA3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.0-BETA3
36
url pkg:composer/symfony/serializer@6.3.0-RC1
purl pkg:composer/symfony/serializer@6.3.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.0-RC1
37
url pkg:composer/symfony/serializer@6.3.1
purl pkg:composer/symfony/serializer@6.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.1
38
url pkg:composer/symfony/serializer@6.3.2
purl pkg:composer/symfony/serializer@6.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.2
39
url pkg:composer/symfony/serializer@6.3.3
purl pkg:composer/symfony/serializer@6.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.3
40
url pkg:composer/symfony/serializer@6.3.4
purl pkg:composer/symfony/serializer@6.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.4
41
url pkg:composer/symfony/serializer@6.3.5
purl pkg:composer/symfony/serializer@6.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.5
42
url pkg:composer/symfony/serializer@6.3.6
purl pkg:composer/symfony/serializer@6.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.6
43
url pkg:composer/symfony/serializer@6.3.7
purl pkg:composer/symfony/serializer@6.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.3.7
44
url pkg:composer/symfony/serializer@5.4.21
purl pkg:composer/symfony/serializer@5.4.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@5.4.21
45
url pkg:composer/symfony/serializer@6.2.7
purl pkg:composer/symfony/serializer@6.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/serializer@6.2.7
46
url pkg:composer/symfony/symfony@5.4.22
purl pkg:composer/symfony/symfony@5.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.22
47
url pkg:composer/symfony/symfony@5.4.23
purl pkg:composer/symfony/symfony@5.4.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.23
48
url pkg:composer/symfony/symfony@5.4.24
purl pkg:composer/symfony/symfony@5.4.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.24
49
url pkg:composer/symfony/symfony@5.4.25
purl pkg:composer/symfony/symfony@5.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.25
50
url pkg:composer/symfony/symfony@5.4.26
purl pkg:composer/symfony/symfony@5.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.26
51
url pkg:composer/symfony/symfony@5.4.27
purl pkg:composer/symfony/symfony@5.4.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.27
52
url pkg:composer/symfony/symfony@5.4.28
purl pkg:composer/symfony/symfony@5.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.28
53
url pkg:composer/symfony/symfony@5.4.29
purl pkg:composer/symfony/symfony@5.4.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.29
54
url pkg:composer/symfony/symfony@5.4.30
purl pkg:composer/symfony/symfony@5.4.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.30
55
url pkg:composer/symfony/symfony@6.2.10
purl pkg:composer/symfony/symfony@6.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.10
56
url pkg:composer/symfony/symfony@6.2.11
purl pkg:composer/symfony/symfony@6.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.11
57
url pkg:composer/symfony/symfony@6.2.12
purl pkg:composer/symfony/symfony@6.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.12
58
url pkg:composer/symfony/symfony@6.2.13
purl pkg:composer/symfony/symfony@6.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.13
59
url pkg:composer/symfony/symfony@6.2.14
purl pkg:composer/symfony/symfony@6.2.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.14
60
url pkg:composer/symfony/symfony@6.2.8
purl pkg:composer/symfony/symfony@6.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.8
61
url pkg:composer/symfony/symfony@6.2.9
purl pkg:composer/symfony/symfony@6.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.9
62
url pkg:composer/symfony/symfony@6.3.0-BETA1
purl pkg:composer/symfony/symfony@6.3.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0-BETA1
63
url pkg:composer/symfony/symfony@6.3.0-BETA2
purl pkg:composer/symfony/symfony@6.3.0-BETA2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0-BETA2
64
url pkg:composer/symfony/symfony@6.3.0-BETA3
purl pkg:composer/symfony/symfony@6.3.0-BETA3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0-BETA3
65
url pkg:composer/symfony/symfony@6.3.0-RC1
purl pkg:composer/symfony/symfony@6.3.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0-RC1
66
url pkg:composer/symfony/symfony@6.3.0-RC2
purl pkg:composer/symfony/symfony@6.3.0-RC2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0-RC2
67
url pkg:composer/symfony/symfony@6.3.1
purl pkg:composer/symfony/symfony@6.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.1
68
url pkg:composer/symfony/symfony@6.3.2
purl pkg:composer/symfony/symfony@6.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.2
69
url pkg:composer/symfony/symfony@6.3.3
purl pkg:composer/symfony/symfony@6.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.3
70
url pkg:composer/symfony/symfony@6.3.4
purl pkg:composer/symfony/symfony@6.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.4
71
url pkg:composer/symfony/symfony@6.3.5
purl pkg:composer/symfony/symfony@6.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.5
72
url pkg:composer/symfony/symfony@6.3.6
purl pkg:composer/symfony/symfony@6.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.6
73
url pkg:composer/symfony/symfony@6.3.7
purl pkg:composer/symfony/symfony@6.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-pnq6-u1q3-ebff
2
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.7
74
url pkg:composer/symfony/symfony@5.4.21
purl pkg:composer/symfony/symfony@5.4.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@5.4.21
75
url pkg:composer/symfony/symfony@6.2.7
purl pkg:composer/symfony/symfony@6.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mxta-zqzb-nfbv
1
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.2.7
76
url pkg:composer/symfony/symfony@6.3.0
purl pkg:composer/symfony/symfony@6.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rs1-f6qt-vqbn
1
vulnerability VCID-mxta-zqzb-nfbv
2
vulnerability VCID-pnq6-u1q3-ebff
3
vulnerability VCID-v78k-j32n-vyac
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@6.3.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46733
reference_id
reference_type
scores
0
value 0.01228
scoring_system epss
scoring_elements 0.79468
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46733
1
reference_url https://github.com/symfony/symfony
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony
2
reference_url https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:06Z/
url https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9
3
reference_url https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:06Z/
url https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055775
reference_id 1055775
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055775
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46733
reference_id CVE-2023-46733
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46733
6
reference_url https://symfony.com/cve-2023-46733
reference_id CVE-2023-46733
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2023-46733
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46733.yaml
reference_id CVE-2023-46733.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46733.yaml
8
reference_url https://github.com/advisories/GHSA-m2wj-r6g3-fxfx
reference_id GHSA-m2wj-r6g3-fxfx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m2wj-r6g3-fxfx
9
reference_url https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx
reference_id GHSA-m2wj-r6g3-fxfx
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:11:06Z/
url https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx
Weaknesses
0
cwe_id 384
name Session Fixation
description Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-v78k-j32n-vyac