1. Home
  2. Packages
  3. composer
  4. symfony
  5. http-kernel

pkg:composer/symfony/http-kernel

Type composer
Namespace symfony
Name http-kernel

Known advisories, vulnerabilities and fixes for http-kernel package.

Repository
https://packagist.org/packages/symfony/http-kernel
High 3
Medium 3
None 1
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 2.0.0, < 2.1.0 >= 2.2.0, < 2.3.0 >= 2.1.0, < 2.2.0 >= 2.4.0, < 2.4.9 >= 2.5.0, < 2.5.4 >= 2.3.0, < 2.3.19 CVE-2014-5245
composer PHP:SYMFONY-HTTP-KERNEL-2014-5245 Direct access of ESI URLs behind a trusted proxy 2014-09-03T07:40:02
(10 years ago)
Affected >= 2.0.0, < 2.1.0 >= 2.2.0, < 2.3.0 >= 2.6.0, < 2.6.6 >= 2.1.0, < 2.2.0 >= 2.4.0, < 2.5.0 >= 2.5.0, < 2.5.11 >= 2.3.0, < 2.3.27 CVE-2015-2308
composer PHP:SYMFONY-HTTP-KERNEL-2015-2308 Esi Code Injection medium 2015-04-01T18:55:26
(9 years ago)
Affected >= 2.3.19, < 2.3.29 >= 2.5.4, < 2.5.12 >= 2.4.9, < 2.5.0 >= 2.6.0, < 2.6.8 CVE-2015-4050
composer PHP:SYMFONY-HTTP-KERNEL-2015-4050 ESI unauthorized access medium 2015-05-26T23:55:51
(9 years ago)
Affected >= 3.0.0, < 3.1.0 >= 4.3.0, < 4.3.8 >= 3.2.0, < 3.3.0 >= 2.2.0, < 2.3.0 >= 2.6.0, < 2.7.0 >= 2.7.0, < 2.8.0 >= 2.3.0, < 2.4.0 >= 3.4.0, < 3.4.35 >= 2.8.0, < 2.8.52 >= 4.1.0, < 4.2.0 >= 4.2.0, < 4.2.12 >= 2.4.0, < 2.5.0 >= 2.5.0, < 2.6.0 >= 3.3.0, < 3.4.0 >= 4.0.0, < 4.1.0 >= 3.1.0, < 3.2.0 CVE-2019-18887
composer PHP:SYMFONY-HTTP-KERNEL-2019-18887 Use constant time comparison in UriSigner high 2019-11-13T08:00:00
(4 years ago)
Affected >= 5.1.0, < 5.1.5 >= 5.0.0, < 5.1.0 >= 4.4.0, < 4.4.13 >= 4.3.0, < 4.4.0 CVE-2020-15094
composer PHP:SYMFONY-HTTP-KERNEL-2020-15094 Prevent RCE when calling untrusted remote with CachingHttpClient high 2020-09-02T08:00:00
(4 years ago)
Affected >= 5.2.0, < 5.3.0 >= 5.3.0, < 5.3.12 CVE-2021-41267
composer PHP:SYMFONY-HTTP-KERNEL-2021-41267 Webcache Poisoning via X-Forwarded-Prefix and sub-request medium 2021-10-09T12:10:44
(2 years ago)
Affected >= 4.3.0, < 4.4.0 >= 6.1.0, < 6.1.12 >= 3.0.0, < 3.1.0 >= 5.0.0, < 5.1.0 >= 3.2.0, < 3.3.0 >= 5.2.0, < 5.3.0 >= 6.2.0, < 6.2.6 >= 2.6.0, < 2.7.0 >= 2.7.0, < 2.8.0 >= 5.4.0, < 5.4.20 >= 2.2.0, < 2.3.0 >= 5.1.0, < 5.2.0 >= 4.1.0, < 4.2.0 >= 2.8.0, < 3.0.0 >= 5.3.0, < 5.4.0 >= 3.4.0, < 4.0.0 >= 2.3.0, < 2.4.0 >= 4.2.0, < 4.3.0 >= 2.5.0, < 2.6.0 >= 2.4.0, < 2.5.0 >= 4.0.0, < 4.1.0 >= 6.0.0, < 6.0.20 >= 2.0.0, < 2.1.0 >= 2.1.0, < 2.2.0 >= 4.4.0, < 4.4.50 >= 3.3.0, < 3.4.0 >= 3.1.0, < 3.2.0 CVE-2022-24894
composer PHP:SYMFONY-HTTP-KERNEL-2022-24894 Prevent storing cookie headers in HttpCache high 2023-02-01T08:00:00
(19 months ago)