Information on source package symfony

Available versions

ReleaseVersion
jessie2.3.21+dfsg-4+deb8u6
stretch2.8.7+dfsg-1.3+deb9u5
stretch (security)2.8.7+dfsg-1.3+deb9u3
buster3.4.22+dfsg-2+deb10u3
bullseye4.4.19+dfsg-2+deb11u6
bookworm5.4.23+dfsg-1+deb12u2
bookworm (security)5.4.23+dfsg-1+deb12u4
trixie6.4.16+dfsg-1
sid6.4.16+dfsg-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-51996vulnerablevulnerablevulnerablevulnerablefixedfixedfixedSymphony process is a module for the Symphony PHP framework which exec ...
CVE-2024-50345vulnerablevulnerablevulnerablevulnerablefixedfixedfixedsymfony/http-foundation is a module for the Symphony PHP framework whi ...
CVE-2024-50343vulnerablevulnerablevulnerablevulnerablefixedfixedfixedsymfony/validator is a module for the Symphony PHP framework which pro ...
CVE-2024-50342vulnerablevulnerablevulnerablevulnerablefixedfixedfixedsymfony/http-client is a module for the Symphony PHP framework which p ...
CVE-2024-50341vulnerablevulnerablevulnerablefixedfixedfixedfixedsymfony/security-bundle is a module for the Symphony PHP framework whi ...
CVE-2024-50340vulnerablevulnerablevulnerablevulnerablefixedfixedfixedsymfony/runtime is a module for the Symphony PHP framework which enabl ...
CVE-2024-36611vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableIn Symfony v7.07, a security vulnerability was identified in the FormL ...
CVE-2023-46734vulnerablefixedfixedfixedfixedfixedfixedSymfony is a PHP framework for web and console applications and a set ...
CVE-2022-24895vulnerablefixedfixedfixedfixedfixedfixedSymfony is a PHP framework for web and console applications and a set ...
CVE-2022-24894vulnerablefixedfixedfixedfixedfixedfixedSymfony is a PHP framework for web and console applications and a set ...
CVE-2021-21424vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedSymfony is a PHP framework for web and console applications and a set ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-36610vulnerablevulnerablevulnerablevulnerablevulnerablefixedfixedA deserialization vulnerability exists in the Stub class of the VarDum ...
CVE-2018-12040vulnerablevulnerablefixedfixedfixedfixedfixedReflected Cross-site scripting (XSS) vulnerability in the web profiler ...
CVE-2017-18343vulnerablevulnerablefixedfixedfixedfixedfixedThe debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x ...

Resolved issues

BugDescription
CVE-2024-51736Symphony process is a module for the Symphony PHP framework which exec ...
CVE-2023-46735Symfony is a PHP framework for web and console applications and a set ...
CVE-2023-46733Symfony is a PHP framework for web and console applications and a set ...
CVE-2022-23601Symfony is a PHP framework for web and console applications and a set ...
CVE-2021-41270Symfony/Serializer handles serializing and deserializing data structur ...
CVE-2021-41268Symfony/SecurityBundle is the security system for Symfony, a PHP frame ...
CVE-2021-41267Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP fr ...
CVE-2021-32693Symfony is a PHP framework for web and console applications and a set ...
CVE-2020-15094In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient cla ...
CVE-2020-5275In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Fire ...
CVE-2020-5274In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exc ...
CVE-2020-5255In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not ...
CVE-2019-18889An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through ...
CVE-2019-18888An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through ...
CVE-2019-18887An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through ...
CVE-2019-18886An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. ...
CVE-2019-11325An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3. ...
CVE-2019-10913In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x ...
CVE-2019-10912In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4. ...
CVE-2019-10911In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x ...
CVE-2019-10910In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x ...
CVE-2019-10909In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x ...
CVE-2018-19790An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x ...
CVE-2018-19789An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2 ...
CVE-2018-14774An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, ...
CVE-2018-14773An issue was discovered in Http Foundation in Symfony 2.7.0 through 2. ...
CVE-2018-11408The security handlers in the Security component in Symfony in 2.7.x be ...
CVE-2018-11407An issue was discovered in the Ldap component in Symfony 2.8.x before ...
CVE-2018-11406An issue was discovered in the Security component in Symfony 2.7.x bef ...
CVE-2018-11386An issue was discovered in the HttpFoundation component in Symfony 2.7 ...
CVE-2018-11385An issue was discovered in the Security component in Symfony 2.7.x bef ...
CVE-2017-16790An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...
CVE-2017-16654An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...
CVE-2017-16653An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3. ...
CVE-2017-16652An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2 ...
CVE-2017-11365Certain Symfony products are affected by: Incorrect Access Control. Th ...
CVE-2016-4423The attemptAuthentication function in Component/Security/Http/Firewall ...
CVE-2016-2403Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to b ...
CVE-2016-1902The nextBytes function in the SecureRandom class in Symfony before 2.3 ...
CVE-2015-8125Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7 ...
CVE-2015-8124Session fixation vulnerability in the "Remember Me" login feature in S ...
CVE-2015-4050FragmentListener in the HttpKernel component in Symfony 2.3.19 through ...
CVE-2015-2309Unsafe methods in the Request class
CVE-2015-2308Eval injection vulnerability in the HttpCache class in HttpKernel in S ...
CVE-2013-5958The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2. ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework (prototype ...
CVE-2007-2383The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...

Security announcements

DSA / DLADescription
DSA-5813-1symfony - security update
DSA-5809-1symfony - security update
ELA-1009-1symfony - security update
DLA-3664-1symfony - security update
ELA-912-1symfony - security update
DLA-3493-1symfony - security update
DSA-4573-1symfony - security update
DLA-1999-1symfony - security update
DSA-4441-1symfony - security update
DLA-1778-1symfony - security update
DLA-1707-1symfony - security update
DSA-4262-1symfony - security update
DSA-3588-1symfony - security update
DSA-3402-1symfony - security update
DSA-3276-1symfony - security update

Search for package or bug name: Reporting problems