Vulnerabilities > Sensiolabs > Symfony > 3.3.13

DATE CVE VULNERABILITY TITLE RISK
2023-11-10 CVE-2023-46734 Cross-site Scripting vulnerability in Sensiolabs Symfony
Symfony is a PHP framework for web and console applications and a set of reusable PHP components.
network
low complexity
sensiolabs CWE-79
6.1
2023-02-03 CVE-2022-24894 Improper Authorization vulnerability in Sensiolabs Symfony
Symfony is a PHP framework for web and console applications and a set of reusable PHP components.
network
low complexity
sensiolabs CWE-285
8.8
2023-02-03 CVE-2022-24895 Session Fixation vulnerability in Sensiolabs Symfony
Symfony is a PHP framework for web and console applications and a set of reusable PHP components.
network
low complexity
sensiolabs CWE-384
8.8
2022-02-01 CVE-2022-23601 Cross-Site Request Forgery (CSRF) vulnerability in Sensiolabs Symfony
Symfony is a PHP framework for web and console applications and a set of reusable PHP components.
6.8
2021-05-13 CVE-2021-21424 Information Exposure vulnerability in multiple products
Symfony is a PHP framework for web and console applications and a set of reusable PHP components.
network
low complexity
sensiolabs fedoraproject CWE-200
5.3
2018-12-18 CVE-2018-19790 Open Redirect vulnerability in multiple products
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1.
network
low complexity
sensiolabs fedoraproject debian CWE-601
6.1
2018-12-18 CVE-2018-19789 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1.
network
low complexity
sensiolabs debian CWE-434
5.3
2018-08-03 CVE-2018-14774 Improper Input Validation vulnerability in Sensiolabs Symfony
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2.
network
low complexity
sensiolabs CWE-20
5.0
2018-08-03 CVE-2018-14773 An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2.
network
low complexity
sensiolabs debian drupal
4.0
2018-06-13 CVE-2018-11408 Open Redirect vulnerability in multiple products
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container.
network
low complexity
sensiolabs debian CWE-601
6.1