Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

symfony/http-foundation

Ecosystem:
packagist
Package URL:
pkg:composer/symfony/http-foundation
Total PRs:
414 Dependabot PRs
Latest PR:
2 days ago
Unique Repositories:
296 repositories
Unique Repos (30 days):
97 repositories
Security Advisories
Symfony has a security issue when parsing the Authorization header
GHSA-h7v2-2qwg-h829 CVE-2014-6061 MODERATE published over 1 year ago • updated about 15 hours ago
All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue ...
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
GHSA-x92h-wmg2-6hp7 CVE-2019-10913 CRITICAL published almost 6 years ago • updated 5 days ago
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or usin...
Argument injection in a MimeTypeGuesser in Symfony
GHSA-xhh6-956q-4q69 CVE-2019-18888 HIGH published almost 6 years ago • updated 8 days ago
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application pas...
Symfony vulnerable to denial of service via a malicious HTTP Host header
GHSA-v77v-x634-9m56 CVE-2014-5244 HIGH published over 1 year ago • updated 3 days ago
All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue ...
Symfony's incorrect parsing of PATH_INFO can lead to limited authorization bypass
GHSA-3rg7-wf37-54rm CVE-2025-64500 HIGH published 18 days ago • updated 4 days ago
### Description The `Request` class improperly interprets some `PATH_INFO` in a way that leads to representing some URLs with a path that doesn't ...
View all 11 advisories
Recent PRs (filtered by: Closed , Major PRs )
RSS Feed Clear filter
Bump symfony/http-foundation from 4.4.49 to 5.4.50

sfu-dhil/pi #91

4.4.49 → 5.4.50 Major PR
Closed 18 days ago 1 comment
sfu-dhil
Bump symfony/http-foundation from 4.4.49 to 5.4.46

jtl-software/connector-prestashop #15

4.4.49 → 5.4.46 Major PR
Closed 20 days ago 1 comment
jtl-software
Bump symfony/http-foundation from 4.4.49 to 5.4.48

sfu-dhil/pi #90

4.4.49 → 5.4.48 Major PR
Closed 6 months ago 1 comment
sfu-dhil
chore(deps): bump symfony/http-foundation from 6.4.4 to 7.1.7

adrien-force/OC-P14-EX1-Adrien-Force #1

6.4.4 → 7.1.7 Major PR
Closed 7 months ago
adrien-force
Bump symfony/http-foundation from 4.4.49 to 5.4.46

turtle0x1/LxdMosaic #586

4.4.49 → 5.4.46 Major PR
Closed about 1 year ago 1 comment
turtle0x1
Package Details
Name: symfony/http-foundation
Ecosystem: packagist
PURL Type: composer
Package URL: pkg:composer/symfony/http-foundation
JSON API: View JSON
Security Advisories

11

Active advisories
CRITICAL 1
HIGH 3
MODERATE 5
LOW 2
View All composer Advisories
Package Information
Description:

Defines an object-oriented layer for the HTTP specification

Repository: https://github.com/symfony/http-foundation
Homepage: https://symfony.com
Latest Release: v7.3.0
7 months ago
Dependent Repos: 533,200
Dependent Packages: 4,613
Downloads: 747,469,299
Ranking: Top 0.0056% by dependent repos Top 0.0068% by downloads Top 0.0081% by dependent pkgs
PR Status
Open 178 (43.2%)
Merged 63 (15.3%)
Closed 148 (35.9%)
PR Types
Minor 137 (33.3%)
Major 10 (2.4%)
Patch 240 (58.3%)