Symfony/http-kernel
This hub aggregates every CVE we track for Symfony/http-kernel, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Symfony/http-kernel.
- CVE-2022-24894Symfony storing cookie headers in HttpCache5.9
- CVE-2021-41267Webcache Poisoning in Symfony6.5
- CVE-2020-15094RCE in Symfony8.0
- CVE-2019-18887An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony...8.1
- CVE-2015-2308Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PH...6.8
- CVE-2015-4050FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check i...4.3
Product normalization is registry-driven with AI assist and human review. How it works