symfony/security vulnerabilities

licenses detected

MIT
>=0

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the symfony/security package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Information Exposure	>=2.8.0, <3.4.48>=4.0.0, <4.4.23
H Improper Authorization	>=4.4.0, <4.4.7
M Access Control Bypass	>=4.2.0, <4.2.7
M Information Exposure	>=2.7.38, <2.7.50>=2.8.0, <2.8.49>=3.0.0, <3.4.20>=4.0.0, <4.0.15>=4.1.0, <4.1.9>=4.2.0, <4.2.1
M Open Redirect	>=2.7.0, <2.7.50>=2.8.0, <2.8.49>=3.0.0, <3.4.20>=4.0.0, <4.0.15>=4.1.0, <4.1.9
H Session Fixation	<2.7.48>=2.8.0, <2.8.41>=3.0.0, <3.3.17>=3.4.0, <3.4.11>=4.0.0, <4.0.11
H CSRF Token Fixation	<2.7.48>=2.8.0, <2.8.41>=3.0.0, <3.3.17>=3.4.0, <3.4.11>=4.0.0, <4.0.11
C Access Restriction Bypass	<2.8.37>=3.0.0, <3.3.17>=3.4.0, <3.4.7>=4.0.0, <4.0.7
C Access Restriction Bypass	>=2.7.30, <2.7.32>=2.8.23, <2.8.25>=3.2.10, <3.2.12>=3.3.3, <3.3.5
C Access Restriction Bypass	>=3.0.0, <3.0.6>=2.8.0, <2.8.6
H Insecure Randomness	>=2.3.0, <2.3.37>=2.6.0, <2.6.13>=2.4.0, <2.5.0>=2.7.0, <2.7.9>=2.5.0, <2.6.0
H Timing Attack	>=2.3.0, <2.3.35>=2.6.0, <2.6.12>=2.4.0, <2.5.0>=2.7.0, <2.7.7>=2.5.0, <2.6.0
M Session Fixation	>=2.3.0, <2.3.35>=2.6.0, <2.6.12>=2.4.0, <2.5.0>=2.7.0, <2.7.7>=2.5.0, <2.6.0
M Denial of Service (DoS)	>=2.3.0, <2.3.6>=2.1.0, <2.1.13>=2.2.0, <2.2.9>=2, <2.0.25
M Path Disclosure	>=2, <2.0.19