VIR
Vulnerability Intelligence Relay
Search
Stats
Package impact
Lookup
php
Packagist / symfony/routing
Severity
critical
high
medium
low
unknown
Min risk
0
Year
all
2027
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
KEV
Has exploit
Source
all
AlmaLinux Errata
AMD Security (NVD wrap)
Apache HTTPD (NVD wrap)
Apple Security Advisories
Arch Linux Security
AWS Security Bulletins (RSS)
Azure Security (via MSRC)
Caddy (NVD wrap)
CVE.org cvelistV5
Debian Security Tracker
Docker (NVD wrap)
.NET (via GHSA NuGet)
Elasticsearch (NVD wrap)
Exploit-DB
GCP Security (RSS)
Gentoo GLSA
GitHub Security Advisories
Go Vulnerability DB
HAProxy (NVD wrap)
Intel Security (RSS + NVD)
Jetty (via GHSA Maven)
CISA KEV
Kubernetes (NVD + GHSA)
Linux Kernel (NVD wrap)
LiteSpeed (NVD wrap)
Maven (via OSV Maven)
Metasploit Modules
MongoDB (NVD wrap)
Microsoft MSRC
MySQL/MariaDB (NVD wrap)
Nginx (NVD wrap)
npm (via GHSA NPM)
NVD
NVIDIA Security (NVD wrap)
OpenLiteSpeed (NVD wrap)
OSV.dev
Packagist Security
PostgreSQL (NVD wrap)
PyPI (via OSV PyPI)
Red Hat OVAL
Redis (NVD wrap)
Rocky Linux Errata
RubySec Advisory DB
RustSec Advisory DB
SUSE Security
Ubuntu USN
Apply
Reset
CVE
Severity
CVSS
Risk
Published
Description
Impact
CVE-2012-6431
medium
—
6.4
14y ago
Symfony Allows URI Restrictions Bypass Via Double-Encoded String
php
CVE-2026-45065
medium
—
5.5
8d ago
Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection
debian
php
CVE-2026-48784
unknown
—
—
2d ago
CVE-2026-48784: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
debian
php
Per page
25
50
100
200
500
Showing 1–3 of 3
← Prev
Page 1 of 1
Next →