VYPR

Packagist (Composer) package

symfony/form

pkg:composer/symfony/form

Vulnerabilities (3)

  • CVE-2018-19789Dec 18, 2018
    affected >= 2.7.0, < 2.7.50fixed 2.7.50

    An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_

  • CVE-2017-16790MedAug 6, 2018
    affected >= 2.7.0, < 2.7.38fixed 2.7.38

    An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that a

  • CVE-2015-8125Dec 7, 2015
    affected >= 2.3.0, < 2.3.35fixed 2.3.35

    Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Securi