pkg:composer/symfony/security-bundle
Type
composer
Namespace
symfony
Name
security-bundle
Known advisories, vulnerabilities and fixes for security-bundle package.
High
3
Medium
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 3.0.0, < 3.1.0 >= 3.2.0, < 3.3.0 >= 2.5.0, < 2.6.0 >= 2.4.0, < 2.5.0 >= 2.2.0, < 2.3.0 >= 3.3.0, < 3.3.17 >= 2.7.0, < 2.7.48 >= 2.6.0, < 2.7.0 >= 2.1.0, < 2.2.0 >= 2.0.0, < 2.1.0 >= 4.0.0, < 4.0.11 >= 2.3.0, < 2.4.0 >= 3.1.0, < 3.2.0 >= 3.4.0, < 3.4.11 >= 2.8.0, < 2.8.41 |
CVE-2018-11406
|
 PHP:SYMFONY-SECURITY-BUNDLE-2018-11406
|
CSRF Token Fixation | high |
2018-05-25T12:44:29
(6 years ago) |
|
| Affected | >= 3.1.0, < 3.2.0 >= 3.4.0, < 3.4.11 >= 2.8.0, < 2.8.41 >= 3.3.0, < 3.3.17 >= 2.7.38, < 2.7.48 >= 4.0.0, < 4.0.11 >= 3.2.0, < 3.3.0 >= 3.0.0, < 3.1.0 |
CVE-2018-11408
|
PHP:SYMFONY-SECURITY-BUNDLE-2018-11408
|
Open redirect vulnerability on security handlers | medium |
2018-05-25T12:44:29
(6 years ago) |
|
| Affected | >= 5.3.0, < 5.3.12 |
CVE-2021-41268
|
PHP:SYMFONY-SECURITY-BUNDLE-2021-41268
|
Remember me cookie persistance after password changes | high |
2021-10-23T11:11:11
(2 years ago) |
|
| Affected | >= 6.0.0, < 6.0.20 >= 4.0.0, < 4.1.0 >= 2.0.0, < 2.1.0 >= 4.4.0, < 4.4.50 >= 2.1.0, < 2.2.0 >= 3.3.0, < 3.4.0 >= 3.1.0, < 3.2.0 >= 4.2.0, < 4.3.0 >= 2.5.0, < 2.6.0 >= 2.4.0, < 2.5.0 >= 6.2.0, < 6.2.6 >= 2.6.0, < 2.7.0 >= 2.7.0, < 2.8.0 >= 5.4.0, < 5.4.20 >= 2.2.0, < 2.3.0 >= 5.1.0, < 5.2.0 >= 4.1.0, < 4.2.0 >= 5.3.0, < 5.4.0 >= 2.8.0, < 3.0.0 >= 3.4.0, < 4.0.0 >= 2.3.0, < 2.4.0 >= 4.3.0, < 4.4.0 >= 6.1.0, < 6.1.12 >= 3.0.0, < 3.1.0 >= 5.0.0, < 5.1.0 >= 3.2.0, < 3.3.0 >= 5.2.0, < 5.3.0 |
CVE-2022-24895
|
PHP:SYMFONY-SECURITY-BUNDLE-2022-24895
|
Possible CSRF token fixation | high |
2023-02-01T08:00:00
(19 months ago) |