>= 2.7.30, < 2.7.32
>= 2.8.0, < 2.8.37
CRITICAL9.8Symfony Authentication Bypass
>= 2.8.0, < 2.8.6
HIGH8.8Symfony CSRF Token Fixation
>= 2.7.0, < 2.7.48
HIGH8.1Symfony Session Fixation Vulnerability
>= 2.7.0, < 2.7.48
HIGH7.6Firewall configured with unanimous strategy was not actually unanimous in Symfony
>= 4.4.0, < 4.4.7
HIGH7.5Symfony Cryptographic Vulnerability
>= 2.3.0, < 2.3.37
HIGH7.5Symphony Denial of Service Via Overlong Usernames
>= 2.3.0, < 2.3.41
HIGH7.5Improper authentication in Symfony
>= 2.7.0, < 2.7.51
MEDIUM6.1Symfony Open Redirect
>= 2.7.0, < 2.7.38
MEDIUM6.1Symfony Open Redirect
>= 2.7.38, < 2.7.50
MEDIUM5.9Symfony CSRF Vulnerability
>= 2.7.0, < 2.7.38
MEDIUM5.3Prevent user enumeration using Guard or the new Authenticator-based Security
>= 5.0.0, < 5.2.8
LOW3.1Symfony Session Fixation Vulnerability
>= 2.3.0, < 2.3.35
—Symfony Allows URI Restrictions Bypass Via Double-Encoded String
>= 2.0.0, < 2.0.19
—Symfony Denial of Service Via Long Password Hashing
>= 2.0.0, < 2.0.25
—Symfony Vulnerable to Timing Attack
>= 2.3.0, < 2.3.35