pkg:Bitnami/symfony

All known vulnerabilities

• HIGH8.1CVE-2022-23601CSRF token missing in Symfony
  from 0, < 5.3.15, >= 5.4.0, < 5.4.4, >= 6.0.0, < 6.0.4
• HIGH8.0CVE-2020-15094RCE in Symfony
  >= 4.4.0, < 4.4.13, >= 5.1.0, < 5.1.5
• HIGH7.6CVE-2020-5275Firewall configured with unanimous strategy was not actually unanimous in Symfony
  >= 4.4.0, < 4.4.7, >= 5.0.0, < 5.0.7
• MEDIUM6.8Authentication granted to all firewalls instead of just one
  >= 5.3.0, < 5.3.2
• MEDIUM6.5Symfony possible session fixation vulnerability
  >= 5.4.21, < 5.4.31, >= 6.2.7, < 6.3.8
• MEDIUM6.5CSV Injection in symfony/serializer
  >= 4.1.0, < 4.4.35, >= 5.0.0, < 5.3.12
• MEDIUM6.5Cookie persistence after password changes in symfony/security-bundle
  >= 5.3.0, < 5.3.12
• MEDIUM6.5Webcache Poisoning in symfony/http-kernel
  >= 5.2.0, < 5.3.12
• MEDIUM6.3Symfony vulnerable to Session Fixation of CSRF tokens
  >= 2.0.0, < 4.4.50, >= 5.0.0, < 5.4.20, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, >= 6.2.0, < 6.2.6
• MEDIUM6.1Symfony potential Cross-site Scripting in WebhookController
  >= 6.0.0, < 6.3.8
• MEDIUM6.1symfony - security update
  >= 2.0.0, < 4.4.51, >= 5.0.0, < 5.4.31, >= 6.0.0, < 6.3.8
• MEDIUM5.9Symfony storing cookie headers in HttpCache
  >= 2.0.0, < 4.4.50, >= 5.0.0, < 5.4.2, >= 6.0.0, < 6.0.20, >= 6.1.0, < 6.1.12, >= 6.2.0, < 6.2.6
• MEDIUM5.3symfony - security update
  >= 2.8.0, < 3.4.48, >= 4.0.0, < 4.4.23, >= 5.0.0, < 5.2.8
• MEDIUM4.6Exceptions displayed in non-debug configurations in Symfony
  >= 4.4.0, < 4.4.4, >= 5.0.0, < 5.0.4
• LOW2.6Prevent cache poisoning via a Response Content-Type header in Symfony
  >= 4.4.0, < 4.4.7, >= 5.0.0, < 5.0.7