Search for packages
| purl | pkg:composer/symfony/security-bundle@6.2.8 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-pdcr-fsbk-63bx
Aliases: CVE-2024-50341 GHSA-jxgr-3v7q-3w9v |
Symfony's `Security::login` does not take into account custom `user_checker` ### Description The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. ### Resolution The `Security::login` method now ensure to call the configured `user_checker`. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105) for branch 6.4. ### Credits We would like to thank Oleg Andreyev, Antoine MAKDESSI for reporting the issue and Christian Flothmann for providing the fix. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T23:13:23.671482+00:00 | GitLab Importer | Affected by | VCID-pdcr-fsbk-63bx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-bundle/CVE-2024-50341.yml | 38.4.0 |
| 2026-04-12T00:31:53.989198+00:00 | GitLab Importer | Affected by | VCID-pdcr-fsbk-63bx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-bundle/CVE-2024-50341.yml | 38.3.0 |
| 2026-04-03T00:39:37.642748+00:00 | GitLab Importer | Affected by | VCID-pdcr-fsbk-63bx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/symfony/security-bundle/CVE-2024-50341.yml | 38.1.0 |