Packagist (Composer) package
symfony/process
pkg:composer/symfony/process
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-24739 | — | < 5.4.51 | 5.4.51 | Jan 28, 2026 | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping arguments o | ||
| CVE-2024-51736 | — | < 5.4.46 | 5.4.46 | Nov 6, 2024 | Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing command arguments, leading |
- CVE-2026-24739Jan 28, 2026affected < 5.4.51fixed 5.4.51
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably `=`) as “special” when escaping arguments o
- CVE-2024-51736Nov 6, 2024affected < 5.4.46fixed 5.4.46
Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing command arguments, leading