Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 50 results


CVE-2023-46735

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-46734

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-46733

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-24895

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes....

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-24894

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-23601

Medium priority
Not affected

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-41270

Medium priority

Some fixes available 1 of 2

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Not affected Not affected Fixed Not affected Not affected
Show less packages

CVE-2021-41268

Medium priority
Ignored

Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-41267

Medium priority
Vulnerable

Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Vulnerable Vulnerable Not affected Not affected Not affected
Show less packages

CVE-2021-32693

Medium priority
Ignored

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application...

1 affected packages

symfony

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
symfony Not affected Not affected Not affected Not affected
Show less packages