Search CVE reports
121 – 130 of 42760 results
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, the Mailjet mailer bridge and LOX24 notifier bridge webhook parsers received configured webhook...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlAttributeSanitizer::getSupportedAttributes() omits URL-valued...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup() used regular expressions with overlapping...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, when the parser is exposed to attacker-controlled input, deeply nested mappings or...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, method-scoped #[IsGranted], #[IsSignatureValid], and #[IsCsrfTokenValid] attributes can be configured...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, PdoAdapter::doClear() builds a DELETE statement using a namespace derived from the...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.4.24 until 6.4.40, 7.4.12, and 8.0.12, the development profiler file_excerpt Twig filter escapes PHP files...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Mime\Header\ParameterizedHeader validates and encodes parameter...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandler::verifyClaims() registered audience (aud), issuer (iss), and expiry (exp)...
1 affected package
symfony
| Package | 20.04 LTS |
|---|---|
| symfony | Needs evaluation |