Search for packages
| purl | pkg:composer/symfony/security-bundle@7.1.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-7635-g8dq-bubu | Symfony's `Security::login` does not take into account custom `user_checker` ### Description The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. ### Resolution The `Security::login` method now ensure to call the configured `user_checker`. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105) for branch 6.4. ### Credits We would like to thank Oleg Andreyev, Antoine MAKDESSI for reporting the issue and Christian Flothmann for providing the fix. |
CVE-2024-50341
GHSA-jxgr-3v7q-3w9v |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T19:14:56.382843+00:00 | GitLab Importer | Fixing | VCID-7635-g8dq-bubu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-bundle/CVE-2024-50341.yml | 37.0.0 |
| 2025-07-03T13:57:23.590595+00:00 | GitLab Importer | Fixing | VCID-7635-g8dq-bubu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-bundle/CVE-2024-50341.yml | 36.1.3 |
| 2025-07-01T14:35:46.691286+00:00 | GHSA Importer | Fixing | VCID-7635-g8dq-bubu | https://github.com/advisories/GHSA-jxgr-3v7q-3w9v | 36.1.3 |
| 2025-07-01T12:10:42.057323+00:00 | GithubOSV Importer | Fixing | VCID-7635-g8dq-bubu | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-jxgr-3v7q-3w9v/GHSA-jxgr-3v7q-3w9v.json | 36.1.3 |