Package impact
Packagist / symfony/security-http
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-45063 | high | — | 8.0 | 8d ago | Symfony Vulnerable to Identity Spoofing via Unanchored DN Regex in X509Authenticator | |
| CVE-2016-4423 | high | 7.5 | 7.5 | 10y ago | The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x befo… | |
| CVE-2015-8125 | high | — | 7.5 | 11y ago | Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/… |