Security: symfony/symfony
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
CSRF token missing in formsGHSA-vvmr-8829-6whx published
Jan 29, 2022 by fabpotHigh severity -
Prevent CSV Injection via formulasGHSA-2xhg-w2g5-w95x published
Nov 24, 2021 by fabpotModerate severity -
Webcache Poisoning via X-Forwarded-Prefix and sub-requestGHSA-q3j3-w37x-hq2q published
Nov 24, 2021 by fabpotModerate severity -
Remember me cookie persistance after password changesGHSA-qw36-p97w-vcqr published
Nov 24, 2021 by fabpotModerate severity -
Authentication granted to all firewalls instead of just oneGHSA-rfcf-m67m-jcrq published
Jun 17, 2021 by fabpotHigh severity -
Prevent user enumeration in authentication mechanismsGHSA-3r3h-g39f-v648 published
May 19, 2021 by nicolas-grekasLow severity -
Prevent user enumeration in authentication mechanismsGHSA-g2qj-pmxm-9f8f published
May 14, 2021 by fabpotLow severity -
Prevent user enumeration in authentication mechanismsGHSA-5pv8-ppvj-4h68 published
May 12, 2021 by fabpotLow severity -
Prevent RCE when calling untrusted remote with CachingHttpClientGHSA-754h-5r27-7x3r published
Sep 2, 2020 by fabpotModerate severity -
All rules set in "access_control" are required when the firewall is configured with the unanimous strategyGHSA-g4m9-5hpf-hx72 published
Mar 30, 2020 by nicolas-grekasModerate severity