VYPR

Packagist (Composer) package

friendsofsymfony1/symfony1

pkg:composer/friendsofsymfony1/symfony1

Vulnerabilities (2)

  • CVE-2024-28861Mar 22, 2024
    affected >= 1.1.0, < 1.5.19fixed 1.5.19

    Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a PHP framework for web projects. Starting in version 1.1.0 and prior to version 1.5.19, Symfony 1 has a gadget chain due to dangerous deserialization in `sfNamespacedParameterHolder` class that would enable an at

  • CVE-2024-28859Mar 15, 2024
    affected >= 1.3.0, < 1.5.18fixed 1.5.18

    Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code executio