Homepage
About Snyk

symfony/security vulnerabilities

  • licenses detected

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the symfony/security package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

>=2.8.0, <3.4.48 >=4.0.0, <4.4.23
  • H
Improper Authorization

>=4.4.0, <4.4.7
  • M
Access Control Bypass

>=4.2.0, <4.2.7
  • M
Information Exposure

>=2.7.38, <2.7.50 >=2.8.0, <2.8.49 >=3.0.0, <3.4.20 >=4.0.0, <4.0.15 >=4.1.0, <4.1.9 >=4.2.0, <4.2.1
  • M
Open Redirect

>=2.7.0, <2.7.50 >=2.8.0, <2.8.49 >=3.0.0, <3.4.20 >=4.0.0, <4.0.15 >=4.1.0, <4.1.9
  • H
Session Fixation

<2.7.48 >=2.8.0, <2.8.41 >=3.0.0, <3.3.17 >=3.4.0, <3.4.11 >=4.0.0, <4.0.11
  • H
CSRF Token Fixation

<2.7.48 >=2.8.0, <2.8.41 >=3.0.0, <3.3.17 >=3.4.0, <3.4.11 >=4.0.0, <4.0.11
  • C
Access Restriction Bypass

<2.8.37 >=3.0.0, <3.3.17 >=3.4.0, <3.4.7 >=4.0.0, <4.0.7
  • C
Access Restriction Bypass

>=2.7.30, <2.7.32 >=2.8.23, <2.8.25 >=3.2.10, <3.2.12 >=3.3.3, <3.3.5
  • C
Access Restriction Bypass

>=3.0.0, <3.0.6 >=2.8.0, <2.8.6
  • H
Insecure Randomness

>=2.3.0, <2.3.37 >=2.6.0, <2.6.13 >=2.4.0, <2.5.0 >=2.7.0, <2.7.9 >=2.5.0, <2.6.0
  • H
Timing Attack

>=2.3.0, <2.3.35 >=2.6.0, <2.6.12 >=2.4.0, <2.5.0 >=2.7.0, <2.7.7 >=2.5.0, <2.6.0
  • M
Session Fixation

>=2.3.0, <2.3.35 >=2.6.0, <2.6.12 >=2.4.0, <2.5.0 >=2.7.0, <2.7.7 >=2.5.0, <2.6.0
  • M
Denial of Service (DoS)

>=2.3.0, <2.3.6 >=2.1.0, <2.1.13 >=2.2.0, <2.2.9 >=2, <2.0.25
  • M
Path Disclosure

>=2, <2.0.19