Search for packages
| purl | pkg:composer/symfony/http-foundation@2.8.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-bnwq-cmt5-7qcr
Aliases: CVE-2019-10913 GHSA-x92h-wmg2-6hp7 |
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zbme-ygft-4qht
Aliases: CVE-2018-14773 GHSA-8wgj-6wx8-h5hq |
access restriction bypass |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:11:38.067648+00:00 | GitLab Importer | Affected by | VCID-bnwq-cmt5-7qcr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/http-foundation/CVE-2019-10913.yml | 36.1.3 |
| 2025-07-01T14:32:01.063180+00:00 | GHSA Importer | Affected by | VCID-zbme-ygft-4qht | https://github.com/advisories/GHSA-8wgj-6wx8-h5hq | 36.1.3 |
| 2025-07-01T14:29:59.219810+00:00 | GHSA Importer | Affected by | VCID-bnwq-cmt5-7qcr | https://github.com/advisories/GHSA-x92h-wmg2-6hp7 | 36.1.3 |