Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

symfony/http-kernel

Ecosystem:
packagist
Package URL:
pkg:composer/symfony/http-kernel
Total PRs:
194 Dependabot PRs
Latest PR:
13 days ago
Unique Repositories:
99 repositories
Unique Repos (30 days):
9 repositories
Security Advisories
Webcache Poisoning in symfony/http-kernel
GHSA-q3j3-w37x-hq2q CVE-2021-41267 MODERATE published about 4 years ago • updated 4 days ago
Description ----------- When a Symfony application is running behind a proxy or a load-balancer, you can tell Symfony to look for the `X-Forwarded...
Symfony allows direct access of ESI URLs behind a trusted proxy
GHSA-wvjv-p5rr-mmqm CVE-2014-5245 HIGH published over 1 year ago • updated 8 days ago
All 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpKernel component are affected by this security issue. Your application is vulnerable...
Symfony Incorrect Access Control
GHSA-qmqw-mpqp-mr54 CVE-2015-4050 MODERATE published over 3 years ago • updated 8 days ago
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7,...
RCE in Symfony
GHSA-754h-5r27-7x3r CVE-2020-15094 HIGH published about 5 years ago • updated about 4 hours ago
Description ----------- The `CachingHttpClient` class from the HttpClient Symfony component relies on the `HttpCache` class to handle requests. `H...
Symfony Http-Kernel has non-constant time comparison in UriSigner
GHSA-q8hg-pf8v-cxrv CVE-2019-18887 HIGH published over 3 years ago • updated 4 days ago
When checking the signature of an URI (an ESI fragment URL for instance), the URISigner did not used a constant time string comparison function, re...
View all 7 advisories
Recent PRs (filtered by: Open , Major PRs )
RSS Feed Clear filter
Bump symfony/http-kernel from 6.4.1 to 7.3.0

acquia/acquia-cms-starterkit #181

6.4.1 → 7.3.0 Major PR
Open 6 months ago
acquia
Package Details
Name: symfony/http-kernel
Ecosystem: packagist
PURL Type: composer
Package URL: pkg:composer/symfony/http-kernel
JSON API: View JSON
Security Advisories

7

Active advisories
HIGH 3
MODERATE 4
View All composer Advisories
Package Information
Description:

Provides a structured process for converting a Request into a Response

Repository: https://github.com/symfony/http-kernel
Homepage: https://symfony.com
Latest Release: v7.2.6
7 months ago
Dependent Repos: 534,064
Dependent Packages: 5,492
Downloads: 696,099,444
Ranking: Top 0.0054% by dependent repos Top 0.0086% by downloads Top 0.0061% by dependent pkgs
PR Status
Open 59 (30.4%)
Merged 44 (22.7%)
Closed 83 (42.8%)
PR Types
Minor 37 (19.1%)
Major 4 (2.1%)
Patch 144 (74.2%)