Arbitrary Code Execution
Affecting symfony/http-foundation package, versions >=2.8.0, <2.8.52 || >=3.4.0, <3.4.35 || >=4.2.0, <4.2.11 || >=4.3.0, <4.3.8
symfony/http-foundation is a component defines an object-oriented layer for the HTTP specification.
Affected versions of this package are vulnerable to Arbitrary Code Execution.
Provided file paths were not being properly escaped before being used in the
FileBinaryMimeTypeGuesser resulting in potential argument injection through the provided
symfony/http-foundation to version 2.8.52, 3.4.35, 4.2.11, 4.3.8 or higher.