Packagist (Composer) package
friendsofsymfony1/symfony1
pkg:composer/friendsofsymfony1/symfony1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28861 | — | >= 1.1.0, < 1.5.19 | 1.5.19 | Mar 22, 2024 | Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a PHP framework for web projects. Starting in version 1.1.0 and prior to version 1.5.19, Symfony 1 has a gadget chain due to dangerous deserialization in `sfNamespacedParameterHolder` class that would enable an at | ||
| CVE-2024-28859 | — | >= 1.3.0, < 1.5.18 | 1.5.18 | Mar 15, 2024 | Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code executio |
- CVE-2024-28861Mar 22, 2024affected >= 1.1.0, < 1.5.19fixed 1.5.19
Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a PHP framework for web projects. Starting in version 1.1.0 and prior to version 1.5.19, Symfony 1 has a gadget chain due to dangerous deserialization in `sfNamespacedParameterHolder` class that would enable an at
- CVE-2024-28859Mar 15, 2024affected >= 1.3.0, < 1.5.18fixed 1.5.18
Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code executio