Search for packages
Package details: pkg:composer/symfony/symfony@4.4.51
purl pkg:composer/symfony/symfony@4.4.51
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-xv9e-a7qq-63a1 Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters ### Description Some Twig filters in CodeExtension use "is_safe=html" but don't actually ensure their input is safe. ### Resolution Symfony now escapes the output of the affected filters. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c) for branch 4.4. ### Credits We would like to thank Pierre Rudloff for reporting the issue and to Nicolas Grekas for providing the fix. CVE-2023-46734
GHSA-q847-2q57-wmr3

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-01T18:15:02.735817+00:00 GitLab Importer Fixing VCID-xv9e-a7qq-63a1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/symfony/CVE-2023-46734.yml 36.1.3
2025-07-01T12:15:26.412557+00:00 GithubOSV Importer Fixing VCID-xv9e-a7qq-63a1 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-q847-2q57-wmr3/GHSA-q847-2q57-wmr3.json 36.1.3