Data

Tools

Indexes

Applications

Experiments

Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.1% on packagist.org
Top 0.1% downloads on packagist.org
Top 0.1% dependent packages on packagist.org
Top 0.1% dependent repos on packagist.org
Top 0.1% forks on packagist.org
Top 0.3% docker downloads on packagist.org

packagist.org : symfony/symfony

The Symfony PHP framework

Registry - Source - Homepage - JSON
purl: pkg:composer/symfony/symfony
Keywords: framework , dev , bundle , hacktoberfest , php , php-framework , symfony , symfony-bundle
License: MIT
Latest release: 10 days ago
First release: over 13 years ago
Namespace: symfony
Dependent packages: 3,530
Dependent repositories: 22,779
Downloads: 83,770,348 total
Stars: 29,771 on GitHub
Forks: 9,461 on GitHub
Docker dependents: 52
Docker downloads: 2,569,914
Total Commits: 36723
Committers: 3956
Average commits per author: 9.283
Development Distribution Score (DDS): 0.848
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Funding links: https://symfony.com/sponsor, https://github.com/fabpot, https://tidelift.com/funding/github/packagist/symfony/symfony, https://github.com/sponsors/fabpot
Last synced: about 20 hours ago

Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0cmMtcngyNS04bTg2
Improper Input Validation in Symfony
Ecosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: github
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjaHgtbWZyYy1md3Fy
Improper authentication in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1xODd2LXE4ZnctZ21qNc4AAgyh
Symfony Incorrect Access Control
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS0yMnB2LTd2OWotaHF4cM3grg
Symfony Host Header Injection vulnerability in the HttpFoundation component
Ecosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1nNGc3LXE3MjYtdjVoZ84AATux
Symfony CSRF Token Fixation
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/security-bundle, symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS03dzUzLWhmcHctcmczZ84AAZ60
Symfony Arbitrary PHP code Execution
Ecosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1xOGo3LWZqaDctMjV2Nc3gFg
Symfony collectionCascaded and collectionCascadedDeeply fields security bypass
Ecosystems: packagist
Packages: symfony/symfony, symfony/validator
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1yN3A3LXFyN3AtMnJyZs4AAT52
Symfony Open Redirect
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04ODQtMjc5aC0zMnYy
Exceptions displayed in non-debug configurations in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/error-handler
Source: github
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyZnItNjV2cC1teHcz
Deserialization of untrusted data in Symfony
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core, symfony/symfony, symfony/phpunit-bridge, symfony/cache
Source: github
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS03bXgyLTdxOHAtcGdtd84AA8jf
Symfony may allow a user to switch to using another user's identity
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS13dmp2LXA1cnItbW1xbc4AA8jc
Symfony allows direct access of ESI URLs behind a trusted proxy
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: github
Published: about 1 year ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcycWotcG14bS05Zjhm
User enumeration in authentication mechanisms
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: about 4 years ago
Moderate
GSA_kwCzR0hTQS14M2NmLXc2NHgtNGNwMs4AATfM
Symfony Path Disclosure
Ecosystems: packagist
Packages: symfony/form, symfony/symfony
Source: github
Published: about 3 years ago
Low
GSA_kwCzR0hTQS05YzN4LXIzd3AtbWd4bc4ABBBd
Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-client
Source: github
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS1jcXFoLTk0cjYtd2pyZ84AAV2m
Symfony SSRF Vulnerability via Form Component
Ecosystems: packagist
Packages: symfony/symfony, symfony/form
Source: github
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoaDYtOTU2cS00cTY5
Argument injection in a MimeTypeGuesser in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/mime, symfony/http-foundation
Source: github
Published: over 5 years ago
High
GSA_kwCzR0hTQS1xOGhnLXBmOHYtY3hyds02BA
Symfony Http-Kernel has non-constant time comparison in UriSigner
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: github
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS0zNWM1LTI4cGctMnFnNM4AAWke
Symfony Authentication Bypass
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1nNHJnLXJ3NjUtOGhmZ84AAT6-
Symfony Session Fixation Vulnerability
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1yMnJxLTNoNTYtZnFtNM4AATu7
Symfony DoS
Ecosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1qang1LWZxNWctOHhwY84AAdU8
Symfony Cryptographic Vulnerability
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS03aHdjLTJjcTQtNngyd84AAT5V
Symfony Open Redirect
Ecosystems: packagist
Packages: symfony/security-bundle, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS04OWNwLWZ2Y2MtaHhoN84AAfYj
Symfony Access Control Vulnerability
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1nOTdjLWpmeDYteHZ4aM4AAcl9
Symfony Vulnerable to Timing Attack
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/form
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS03MngyLTVjODUtNndtcs4AA3Cz
Symfony potential Cross-site Scripting in WebhookController
Ecosystems: packagist
Packages: symfony/symfony, symfony/webhook
Source: github
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnd2otcHJwcS1qcGMy
Symfony Service IDs Allow Injection
Ecosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: github
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cGMtNWp4NC1jZnFn
User enumeration leak using switch user functionality in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwdjgtcHB2ai00aDY4
Prevent user enumeration using Guard or the new Authenticator-based Security
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http, symfony/maker-bundle, lexik/jwt-authentication-bundle, symfony/security-core, symfony/security-guard
Source: github
Published: about 4 years ago
Moderate
GSA_kwCzR0hTQS0yeGhnLXcyZzUtdzk1eM0YGA
CSV Injection in symfony/serializer
Ecosystems: packagist
Packages: symfony/symfony, symfony/serializer
Source: github
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jeDQtZjVmNS00ODU5
Prevent cache poisoning via a Response Content-Type header in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 5 years ago
High
GSA_kwCzR0hTQS02NnA2LTdwMjktNTVwOc4AAVWh
Symfony Host Header Injection
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS01YzU4LXc5eGMtcWNqOc4AAc0N
Symfony Vulnerable to PHP Eval Injection
Ecosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS04M2MzLXF4MjctMnJ3cs4AAfXs
Symfony Allows URI Restrictions Bypass Via Double-Encoded String
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/routing, symfony/http-foundation
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmY2YtbTY3bS1qY3Jx
Authentication granted to all firewalls instead of just one
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: almost 4 years ago
High
GSA_kwCzR0hTQS1xcTVjLTY3N3AtNzM3cc4ABBBg
Symfony vulnerable to command execution hijack on Windows with Process class
Ecosystems: packagist
Packages: symfony/symfony, symfony/process
Source: github
Published: 7 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy
Symfony Cross-site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: github
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS12Zm02LXIyZ2MtcHd3d84AA8jY
Symfony2 security issue when the trust proxy mode is enabled
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS1xMmdjLWdnM3gtNzk0Ms4AA8jh
Symfony XML Entity Expansion security vulnerability
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS12MzVnLTRycnctaDRmd84AA8jj
Symfony Cross-Site Request Forgery vulnerability in the Web Profiler
Ecosystems: packagist
Packages: symfony/web-profiler-bundle, symfony/symfony
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0zZ3YyLTI5cWMtdjY3bc4AAxVN
Symfony vulnerable to Session Fixation of CSRF tokens
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1NGgtNXIyNy03eDNy
RCE in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: github
Published: almost 5 years ago
Low
GSA_kwCzR0hTQS1nM3JoLXJyaHAtamhoOc4ABBBe
Symfony has an incorrect response from Validator when input ends with `\n`
Ecosystems: packagist
Packages: symfony/validator, symfony/symfony
Source: github
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS04OXIyLTVnMzQtMmc0N84AATfR
Symfony Open Redirect
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1jcjQ5LWZ4MnYtOXA1N84AAd7g
Symfony Denial of Service Via Long Password Hashing
Ecosystems: packagist
Packages: symfony/security, symfony/polyfill, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1xODQ3LTJxNTctd21yM84AA3Cy
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
Ecosystems: packagist
Packages: symfony/symfony, symfony/twig-bridge
Source: github
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tMndqLXI2ZzMtZnhmeM4AA3Cx
Symfony possible session fixation vulnerability
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: github
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xdzM2LXA5N3ctdmNxcs0YFw
Cookie persistence after password changes in symfony/security-bundle
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: github
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5Z3ItNThyMy1wd20z
Symfony Unsafe Cache Serialization Could Enable RCE
Ecosystems: packagist
Packages: symfony/symfony, symfony/cache
Source: github
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5Mmgtd21nMi02aHA3
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: over 5 years ago
Low
GSA_kwCzR0hTQS1qeGdyLTN2N3EtM3c5ds4ABBBc
Symfony's `Security::login` does not take into account custom `user_checker`
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-bundle
Source: github
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS04d2dqLTZ3eDgtaDVocc3r4Q
Symfony HTTP Foundation web cache poisoning
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bTktNWhwZi1oeDcy
Firewall configured with unanimous strategy was not actually unanimous in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http, symfony/security
Source: github
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS1oeDUzLWpjaHgtY3I1Ms4AA8ji
Symfony2 improper IP based access control
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1tbWN2LWZ2cTgtcjl4M84AA8jg
Symfony XML decoding attack vector through external entities
Ecosystems: packagist
Packages: symfony/symfony
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wNjg0LWY3ZmgtanYyas4AA8jb
Symfony has unsafe methods in the Request class
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oN3YyLTJxd2ctaDgyOc4AA8ja
Symfony has a security issue when parsing the Authorization header
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS12Nzd2LXg2MzQtOW01Ns4AA8jZ
Symfony vulnerable to denial of service via a malicious HTTP Host header
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS13ZnY3LTV4MzMtdjIyaM4AA8jX
Code injection in the way Symfony implements translation caching in FrameworkBundle
Ecosystems: packagist
Packages: symfony/symfony, symfony/framework-bundle
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xM2ozLXczN3gtaHEycc0YFQ
Webcache Poisoning in symfony/http-kernel
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: github
Published: over 3 years ago
High
GSA_kwCzR0hTQS0ycjVoLTZyN3YtNW03Y84AAZ6g
Symphony Vulnerable to PHP Code Injection via YAML Parsing
Ecosystems: packagist
Packages: symfony/yaml, symfony/symfony
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS13aGd2LThjZzMtN2hjbc4AAdU9
Symphony Denial of Service Via Overlong Usernames
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-http
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS14OHZwLWdmNHEtbXc1as4ABBBb
Symfony allows changing the environment through a query
Ecosystems: packagist
Packages: symfony/symfony, symfony/runtime
Source: github
Published: 7 months ago
Critical
GSA_kwCzR0hTQS13dmo1LXI3OHItaGhmcc4AAWjw
Symfony Authentication Bypass
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1oN3ZmLTV3cnYtOWZods4AAxVO
Symfony storing cookie headers in HttpCache
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-kernel
Source: github
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05Mng2LWgyZ3ItOGd4cc4AASJF
Symfony CSRF Vulnerability
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-csrf
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1jNDlyLThnajYtNzY4cs4AAT5H
Symfony Directory Traversal
Ecosystems: packagist
Packages: symfony/symfony, symfony/intl
Source: github
Published: about 3 years ago
Low
GSA_kwCzR0hTQS1qNWpoLWhwcjQtaDMzMs4AAV_7
Symfony Session Fixation Vulnerability
Ecosystems: packagist
Packages: symfony/security, symfony/security-http, symfony/symfony
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1xbXF3LW1wcXAtbXI1NM4AAcRE
Symfony Incorrect Access Control
Ecosystems: packagist
Packages: symfony/http-kernel, symfony/symfony
Source: github
Published: about 3 years ago