Vulnerabilities > Sensiolabs > Symfony > 2.8.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-10 | CVE-2023-46734 | Unspecified vulnerability in Sensiolabs Symfony Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 6.1 |
| 2023-02-03 | CVE-2022-24894 | Unspecified vulnerability in Sensiolabs Symfony Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 8.8 |
| 2023-02-03 | CVE-2022-24895 | Insufficient Session Expiration vulnerability in Sensiolabs Symfony Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 8.8 |
| 2022-02-01 | CVE-2022-23601 | Unspecified vulnerability in Sensiolabs Symfony Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 8.8 |
| 2021-05-13 | CVE-2021-21424 | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 5.3 |
| 2019-11-21 | CVE-2019-18888 | Argument Injection or Modification vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. | 7.5 |
| 2019-11-21 | CVE-2019-18887 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. | 8.1 |
| 2019-05-16 | CVE-2019-10913 | SQL Injection vulnerability in Sensiolabs Symfony In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. | 9.8 |
| 2019-05-16 | CVE-2019-10912 | Deserialization of Untrusted Data vulnerability in Sensiolabs Symfony In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. | 7.1 |
| 2019-05-16 | CVE-2019-10911 | Improper Authentication vulnerability in multiple products In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. | 7.5 |