Data

Tools

Indexes

Applications

Experiments

Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.5% on packagist.org
Top 0.1% downloads on packagist.org
Top 0.2% dependent packages on packagist.org
Top 0.1% dependent repos on packagist.org
Top 2.1% forks on packagist.org
Top 0.2% docker downloads on packagist.org

packagist.org : symfony/security-http

Symfony Security Component - HTTP Integration

Registry - Source - Homepage - JSON
purl: pkg:composer/symfony/security-http
Keywords: component , php , symfony , symfony-component
License: MIT
Latest release: about 1 month ago
First release: over 11 years ago
Namespace: symfony
Dependent packages: 135
Dependent repositories: 24,571
Downloads: 129,640,846 total
Stars: 1,680 on GitHub
Forks: 20 on GitHub
Docker dependents: 147
Docker downloads: 8,964,126
Total Commits: 961
Committers: 194
Average commits per author: 4.954
Development Distribution Score (DDS): 0.802
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Funding links: https://symfony.com/sponsor, https://github.com/fabpot, https://tidelift.com/funding/github/packagist/symfony/symfony, https://github.com/sponsors/fabpot
Last synced: about 14 hours ago

High
GSA_kwCzR0hTQS1jZzIzLXFmOGYtNjJycs4ABBTJ
Symfony has an Authentication Bypass via RememberMe
Ecosystems: packagist
Packages: symfony/security-http
Source: github
Published: 6 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjaHgtbWZyYy1md3Fy
Improper authentication in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: about 5 years ago
High
GSA_kwCzR0hTQS1nNGc3LXE3MjYtdjVoZ84AATux
Symfony CSRF Token Fixation
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/security-bundle, symfony/symfony
Source: github
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1nNHJnLXJ3NjUtOGhmZ84AAT6-
Symfony Session Fixation Vulnerability
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1yN3A3LXFyN3AtMnJyZs4AAT52
Symfony Open Redirect
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: almost 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcycWotcG14bS05Zjhm
User enumeration in authentication mechanisms
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: almost 4 years ago
Moderate
GSA_kwCzR0hTQS03cTIyLXg3NTctY21nY84ABB71
Withdrawn Advisory: Symfony http-security has authentication bypass
Ecosystems: packagist
Packages: symfony/security-http
Source: github
Published: 5 months ago
Withdrawn: 5 months ago
Low
GSA_kwCzR0hTQS1qNWpoLWhwcjQtaDMzMs4AAV_7
Symfony Session Fixation Vulnerability
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04OXIyLTVnMzQtMmc0N84AATfR
Symfony Open Redirect
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1nOTdjLWpmeDYteHZ4aM4AAcl9
Symfony Vulnerable to Timing Attack
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/form
Source: github
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cGMtNWp4NC1jZnFn
User enumeration leak using switch user functionality in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwdjgtcHB2ai00aDY4
Prevent user enumeration using Guard or the new Authenticator-based Security
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Source: github
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmY2YtbTY3bS1qY3Jx
Authentication granted to all firewalls instead of just one
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bTktNWhwZi1oeDcy
Firewall configured with unanimous strategy was not actually unanimous in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http, symfony/security
Source: github
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS1tMndqLXI2ZzMtZnhmeM4AA3Cx
Symfony possible session fixation vulnerability
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: over 1 year ago
High
GSA_kwCzR0hTQS13aGd2LThjZzMtN2hjbc4AAdU9
Symphony Denial of Service Via Overlong Usernames
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: almost 3 years ago