GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Withdrawn Advisory: Symfony's VarDumper vulnerable to unsafe deserialization
High
CVE-2024-36610
was published
for
symfony/var-dumper
(Composer)
Nov 29, 2024
•
withdrawn
Withdrawn Advisory: Symfony http-security has authentication bypass
Moderate
CVE-2024-36611
was published
for
symfony/security-http
(Composer)
Nov 29, 2024
•
withdrawn
Symfony has an Authentication Bypass via RememberMe
High
CVE-2024-51996
was published
for
symfony/security-http
(Composer)
Nov 13, 2024
CSRF token missing in Symfony
High
CVE-2022-23601
was published
for
symfony/framework-bundle
(Composer)
Feb 1, 2022
CSV Injection in symfony/serializer
Moderate
CVE-2021-41270
was published
for
symfony/serializer
(Composer)
Nov 24, 2021
Webcache Poisoning in symfony/http-kernel
Moderate
CVE-2021-41267
was published
for
symfony/http-kernel
(Composer)
Nov 24, 2021
Exceptions displayed in non-debug configurations in Symfony
Moderate
CVE-2020-5274
was published
for
symfony/error-handler
(Composer)
Mar 30, 2020
ProTip!
Advisories are also available from the
GraphQL API