Search for packages
| purl | pkg:composer/symfony/http-foundation@4.2.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-bnwq-cmt5-7qcr | Invalid HTTP method overrides allow possible XSS or other attacks in Symfony In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation. |
CVE-2019-10913
GHSA-x92h-wmg2-6hp7 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:11:38.097074+00:00 | GitLab Importer | Fixing | VCID-bnwq-cmt5-7qcr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/http-foundation/CVE-2019-10913.yml | 36.1.3 |
| 2025-07-01T14:29:59.241290+00:00 | GHSA Importer | Fixing | VCID-bnwq-cmt5-7qcr | https://github.com/advisories/GHSA-x92h-wmg2-6hp7 | 36.1.3 |
| 2025-07-01T12:21:56.402092+00:00 | GithubOSV Importer | Fixing | VCID-bnwq-cmt5-7qcr | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/12/GHSA-x92h-wmg2-6hp7/GHSA-x92h-wmg2-6hp7.json | 36.1.3 |