Search for packages
| purl | pkg:composer/symfony/cache@3.1.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-g1yv-sk44-n3fu
Aliases: CVE-2019-10912 GHSA-w2fr-65vp-mxw3 |
Deserialization of untrusted data in Symfony In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-qr3v-jkjd-qfb1
Aliases: CVE-2019-18889 GHSA-79gr-58r3-pwm3 |
Symfony Unsafe Cache Serialization Could Enable RCE An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:11:38.115275+00:00 | GitLab Importer | Affected by | VCID-g1yv-sk44-n3fu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/cache/CVE-2019-10912.yml | 36.1.3 |
| 2025-07-01T14:30:04.013114+00:00 | GHSA Importer | Affected by | VCID-g1yv-sk44-n3fu | https://github.com/advisories/GHSA-w2fr-65vp-mxw3 | 36.1.3 |
| 2025-07-01T14:29:58.668461+00:00 | GHSA Importer | Affected by | VCID-qr3v-jkjd-qfb1 | https://github.com/advisories/GHSA-79gr-58r3-pwm3 | 36.1.3 |