Sensiolabs

Symfony

60 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.24%
  • Veröffentlicht 06.11.2024 21:15:06
  • Zuletzt bearbeitet 04.09.2025 16:08:00

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when prepar...

  • EPSS 0.12%
  • Veröffentlicht 06.11.2024 21:15:06
  • Zuletzt bearbeitet 04.09.2025 16:09:49

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker c...

  • EPSS 84.2%
  • Veröffentlicht 06.11.2024 21:15:05
  • Zuletzt bearbeitet 08.11.2024 19:01:25

symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are ...

  • EPSS 1.94%
  • Veröffentlicht 10.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:29:11

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3...

  • EPSS 0.99%
  • Veröffentlicht 10.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:29:11

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but ...

  • EPSS 0.81%
  • Veröffentlicht 10.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:29:11

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every success...

  • EPSS 0.02%
  • Veröffentlicht 03.02.2023 22:15:11
  • Zuletzt bearbeitet 13.02.2025 17:15:38

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not ...

  • EPSS 0.12%
  • Veröffentlicht 03.02.2023 22:15:10
  • Zuletzt bearbeitet 10.04.2025 20:54:30

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent chan...

  • EPSS 0.17%
  • Veröffentlicht 01.02.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 06:48:54

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control ...

  • EPSS 0.87%
  • Veröffentlicht 24.11.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:56

Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vul...