Package impact
Packagist / symfony/framework-bundle
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2014-4931 | unknown | — | — | 2y ago | Code injection in the way Symfony implements translation caching in FrameworkBundle | |
| CVE-2022-23601 | unknown | — | — | 4y ago | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in t… | |
| CVE-2019-10909 | unknown | — | — | 7y ago | In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. Th… |