symfony/http-foundation vulnerabilities

Symfony HttpFoundation Component

Latest version: v5.0.3

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the symfony/http-foundation package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Arbitrary Code Execution
>=2.8.0, <2.8.52,>=3.4.0, <3.4.35,>=4.2.0, <4.2.11,>=4.3.0, <4.3.8 Not available 22 Nov, 2019
  • M
Improper Input Validation
>=4.2.0, <4.2.7 Not available 24 Apr, 2019
  • M
Access Restriction Bypass
>=2.7, <2.7.49,>=2.8, <2.8.44,>=3.0.0, <3.3.18,>=3.4, <3.4.14,>=4.0.0, <4.0.14,>=4.1, <4.1.3 Not available 02 Aug, 2018
  • M
Denial of Service (DoS)
<2.7.48,>=2.8.0, <2.8.41,>=3.0.0, <3.3.17,>=3.4.0, <3.4.11,>=4.0.0, <4.0.11 Not available 30 May, 2018
  • M
Man-in-the-Middle (MitM)
>=2.0.0, <2.3.27,>=2.4.0, <2.5.11,>=2.6.0, <2.6.6 Not available 01 Apr, 2015
  • L
Authentication Bypass
>=2.3.0, <2.3.19,>=2.1.0, <2.2.0,>=2.4.0, <2.4.9,>=2.5.0, <2.5.4,>=2.2.0, <2.3.0,>=2.0.0, <2.1.0 Not available 03 Sep, 2014
  • M
Denial of Service (DoS)
>=2.0.0, <2.3.19,>=2.4.0, <2.4.9,>=2.5.0, <2.5.4 Not available 03 Sep, 2014
  • H
HTTP Host Header Poisoning
>=2.3.0, <2.3.3,>=2.1.0, <2.1.12,>=2.2.0, <2.2.5,>=2.0.0, <2.0.24 Not available 17 Aug, 2013
  • M
Access Restriction Bypass
>=2.1.0, <2.1.4,>=2.0.0, <2.0.19 Not available 27 Nov, 2012
  • M
Path Disclosure
>=2.0.0, <2.0.19 Not available 19 Mar, 2012