Known Vulnerabilities for products from Symfony
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Symfony".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34372 json | Not Provided | 2026-03-31 | 2026-03-31 | |
| CVE-2026-33715 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2023-41336 json | ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could succes... | 6.5 - MEDIUM | 2023-09-11 | 2023-09-15 |
| CVE-2022-39261 json | Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an i... | 7.5 - HIGH | 2022-09-28 | 2023-11-07 |
| CVE-2022-23614 json | Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be ... | 9.8 - CRITICAL | 2022-02-04 | 2023-11-07 |
| CVE-2019-9942 json | A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is p... | 3.7 - LOW | 2019-03-23 | 2022-04-05 |
| CVE-2018-13818 json | ** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the ... | 9.8 - CRITICAL | 2018-07-10 | 2023-11-07 |
| CVE-2015-7809 json | The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attacke... | 6.8 - MEDIUM | 2015-11-06 | 2018-10-30 |
| CVE-2001-1537 json | The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwor... | Not Provided | 2001-12-31 | 2025-04-03 |
Known software with vulnerabilities from Symfony
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Symfony | Twig | 0.9.0 |