pkg:composer/symfony/http-kernel
Type
composer
Namespace
symfony
Name
http-kernel
Known advisories, vulnerabilities and fixes for http-kernel package.
High
3
Medium
3
None
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 2.0.0, < 2.1.0 >= 2.2.0, < 2.3.0 >= 2.1.0, < 2.2.0 >= 2.4.0, < 2.4.9 >= 2.5.0, < 2.5.4 >= 2.3.0, < 2.3.19 |
CVE-2014-5245
|
PHP:SYMFONY-HTTP-KERNEL-2014-5245 | Direct access of ESI URLs behind a trusted proxy |
2014-09-03T07:40:02
(10 years ago) |
||
Affected | >= 2.0.0, < 2.1.0 >= 2.2.0, < 2.3.0 >= 2.6.0, < 2.6.6 >= 2.1.0, < 2.2.0 >= 2.4.0, < 2.5.0 >= 2.5.0, < 2.5.11 >= 2.3.0, < 2.3.27 |
CVE-2015-2308
|
PHP:SYMFONY-HTTP-KERNEL-2015-2308 | Esi Code Injection | medium |
2015-04-01T18:55:26
(9 years ago) |
|
Affected | >= 2.3.19, < 2.3.29 >= 2.5.4, < 2.5.12 >= 2.4.9, < 2.5.0 >= 2.6.0, < 2.6.8 |
CVE-2015-4050
|
PHP:SYMFONY-HTTP-KERNEL-2015-4050 | ESI unauthorized access | medium |
2015-05-26T23:55:51
(9 years ago) |
|
Affected | >= 3.0.0, < 3.1.0 >= 4.3.0, < 4.3.8 >= 3.2.0, < 3.3.0 >= 2.2.0, < 2.3.0 >= 2.6.0, < 2.7.0 >= 2.7.0, < 2.8.0 >= 2.3.0, < 2.4.0 >= 3.4.0, < 3.4.35 >= 2.8.0, < 2.8.52 >= 4.1.0, < 4.2.0 >= 4.2.0, < 4.2.12 >= 2.4.0, < 2.5.0 >= 2.5.0, < 2.6.0 >= 3.3.0, < 3.4.0 >= 4.0.0, < 4.1.0 >= 3.1.0, < 3.2.0 |
CVE-2019-18887
|
PHP:SYMFONY-HTTP-KERNEL-2019-18887 | Use constant time comparison in UriSigner | high |
2019-11-13T08:00:00
(4 years ago) |
|
Affected | >= 5.1.0, < 5.1.5 >= 5.0.0, < 5.1.0 >= 4.4.0, < 4.4.13 >= 4.3.0, < 4.4.0 |
CVE-2020-15094
|
PHP:SYMFONY-HTTP-KERNEL-2020-15094 | Prevent RCE when calling untrusted remote with CachingHttpClient | high |
2020-09-02T08:00:00
(4 years ago) |
|
Affected | >= 5.2.0, < 5.3.0 >= 5.3.0, < 5.3.12 |
CVE-2021-41267
|
PHP:SYMFONY-HTTP-KERNEL-2021-41267 | Webcache Poisoning via X-Forwarded-Prefix and sub-request | medium |
2021-10-09T12:10:44
(2 years ago) |
|
Affected | >= 4.3.0, < 4.4.0 >= 6.1.0, < 6.1.12 >= 3.0.0, < 3.1.0 >= 5.0.0, < 5.1.0 >= 3.2.0, < 3.3.0 >= 5.2.0, < 5.3.0 >= 6.2.0, < 6.2.6 >= 2.6.0, < 2.7.0 >= 2.7.0, < 2.8.0 >= 5.4.0, < 5.4.20 >= 2.2.0, < 2.3.0 >= 5.1.0, < 5.2.0 >= 4.1.0, < 4.2.0 >= 2.8.0, < 3.0.0 >= 5.3.0, < 5.4.0 >= 3.4.0, < 4.0.0 >= 2.3.0, < 2.4.0 >= 4.2.0, < 4.3.0 >= 2.5.0, < 2.6.0 >= 2.4.0, < 2.5.0 >= 4.0.0, < 4.1.0 >= 6.0.0, < 6.0.20 >= 2.0.0, < 2.1.0 >= 2.1.0, < 2.2.0 >= 4.4.0, < 4.4.50 >= 3.3.0, < 3.4.0 >= 3.1.0, < 3.2.0 |
CVE-2022-24894
|
PHP:SYMFONY-HTTP-KERNEL-2022-24894 | Prevent storing cookie headers in HttpCache | high |
2023-02-01T08:00:00
(19 months ago) |