Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

symfony/security-http

Ecosystem:
packagist
Package URL:
pkg:composer/symfony/security-http
Total PRs:
71 Dependabot PRs
Latest PR:
4 days ago
Unique Repositories:
56 repositories
Unique Repos (30 days):
7 repositories
Security Advisories
Symphony Denial of Service Via Overlong Usernames
GHSA-whgv-8cg3-7hcm CVE-2016-4423 HIGH published about 4 years ago • updated about 23 hours ago
The attemptAuthentication function in `Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php` in Symfony before 2.3.41, 2...
Symfony's OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims
GHSA-29fc-p6c4-24cg CVE-2026-45069 MODERATE published 23 days ago • updated about 13 hours ago
### Description `OidcTokenHandler` is Symfony's built-in access-token handler for OpenID Connect: it validates a bearer JWT and returns the authen...
Synfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]
GHSA-6439-2f28-8p8q CVE-2026-45075 MODERATE published 23 days ago • updated 3 days ago
### Description Symfony's `#[IsGranted('...')]`, `#[IsSignatureValid]`, and `#[IsCsrfTokenValid(...)]` attributes allow you to define a `methods: ...
Improper authentication in Symfony
GHSA-cchx-mfrc-fwqr CVE-2019-10911 HIGH published over 6 years ago • updated about 6 hours ago
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacke...
Authentication granted to all firewalls instead of just one
GHSA-rfcf-m67m-jcrq CVE-2021-32693 MODERATE published almost 5 years ago • updated 2 days ago
Description ----------- When an application defines multiple firewalls, the authenticated token delivered by one of the firewalls is available to ...
View all 16 advisories
Recent PRs
RSS Feed
Bump symfony/security-http from 8.0.12 to 8.0.13

douzeEnsemble/pokenini-api #277

8.0.12 → 8.0.13 Patch PR
Closed 4 days ago 1 comment
douzeEnsemble
Bump the composer group across 1 directory with 18 updates

HandyKnox/mautic-marketing #21

7.3.1 → 7.4.13 Minor PR
Closed 23 days ago 1 comment
HandyKnox
Bump the composer group across 1 directory with 17 updates

TheJ-Erk400/mautic-dev #21

5.4.35 → 5.4.53 Patch PR
Closed 23 days ago 1 comment
TheJ-Erk400
Bump the composer group across 1 directory with 17 updates

dporkka/mautic #16

7.3.1 → 7.4.13 Minor PR
Closed 23 days ago 1 comment
dporkka
Bump the composer group across 1 directory with 13 updates

matxsu/Ecodeli #11

7.0.9 → 7.4.13 Minor PR
Closed 23 days ago 1 comment
matxsu
Bump the composer group across 1 directory with 12 updates

HandyKnox/mautic-marketing #15

7.3.1 → 7.4.13 Minor PR
Closed 23 days ago 1 comment
HandyKnox
Bump symfony/security-http from 6.4.19 to 6.4.41 in /user-restricted-separate-auth-tutorials/nhs-login/php

NHSDigital/hello-world-auth-examples #192

6.4.19 → 6.4.41 Patch PR
Closed 23 days ago 1 comment
NHSDigital
Bump the composer group across 1 directory with 10 updates

TheJ-Erk400/mautic-dev #14

5.4.35 → 5.4.53 Patch PR
Closed 23 days ago 1 comment
TheJ-Erk400
⬆️ Bump symfony/security-http from 8.0.6 to 8.0.13 in /tools/phpstan

darkwood-com/darkwood-com #137

8.0.6 → 8.0.13 Patch PR
Closed 23 days ago 1 comment
darkwood-com
build(deps): bump the composer group across 1 directory with 11 updates

YoutacRandS-VA/mautic #24

5.4.35 → 5.4.47 Patch PR
Closed about 2 months ago 1 comment
YoutacRandS-VA
Bump the composer group across 1 directory with 12 updates

hiepnguyenmmo/mautic #10

5.4.35 → 5.4.47 Patch PR
Closed about 2 months ago 1 comment
hiepnguyenmmo
Bump the composer group across 1 directory with 11 updates

hiepnguyenmmo/mautic #7

5.4.35 → 5.4.47 Patch PR
Closed 2 months ago 1 comment
hiepnguyenmmo
Bump the composer group across 1 directory with 9 updates

TheJ-Erk400/mautic-dev #8

5.4.35 → 5.4.47 Patch PR
Closed 2 months ago 1 comment
TheJ-Erk400
Bump the symfony group with 39 updates

kdgyimah/be #8

8.0.3 → 8.0.4 Patch PR
Closed 5 months ago 1 comment
kdgyimah
chore(deps): bump the php-dependencies group across 1 directory with 50 updates

SpiriitLabs/JiraServiceDesk #147

7.4.0 → 8.0.1 Major PR
Open 6 months ago 2 comments
SpiriitLabs
chore(deps): bump the php-dependencies group with 45 updates

SpiriitLabs/JiraServiceDesk #145

7.4.0 → 8.0.1 Major PR
Open 6 months ago 1 comment
SpiriitLabs
Bump symfony/security-http from 6.3.12 to 6.4.26

sfu-dhil/circus #102

6.3.12 → 6.4.26 Minor PR
Closed 7 months ago 1 comment
sfu-dhil
Bump the composer group across 1 directory with 7 updates

TheJ-Erk400/mautic-dev #3

5.4.35 → 5.4.47 Patch PR
Open 9 months ago
TheJ-Erk400
Bump the composer group across 1 directory with 7 updates

joseguzman1337/mautic #30

5.4.35 → 5.4.47 Patch PR
Open 9 months ago
joseguzman1337
Bump symfony/security-http from 7.1.1 to 7.3.3

Zeref199/bibliotemplate3 #8

7.1.1 → 7.3.3 Minor PR
Open 10 months ago
Zeref199
fix: Bump the symfony group with 33 updates

cedricziel/faro-shop #1701

7.3.2 → 7.3.3 Patch PR
Open 10 months ago 1 comment
cedricziel
Bump the composer group across 1 directory with 2 updates

JulioIlunga/smartimmo-admin #1

6.4.14 → 6.4.25 Patch PR
Open 10 months ago
JulioIlunga
Bump the composer group across 1 directory with 6 updates

MateuszPlebanek/usersymfony2 #1

5.4.21 → 5.4.47 Patch PR
Open 11 months ago
MateuszPlebanek
chore: composer(deps): bump the all group in /webservice with 37 updates

pfadfinden/event-pager #143

7.3.1 → 7.3.2 Patch PR
Closed 11 months ago 1 comment
pfadfinden
fix: bump the symfony group with 40 updates

cedricziel/faro-shop #1615

7.3.1 → 7.3.2 Patch PR
Merged 11 months ago 1 comment
cedricziel
build(deps): bump symfony/security-http from 6.4.15 to 6.4.23

EC-CUBE/ec-cube #6411

6.4.15 → 6.4.23 Patch PR
Merged 12 months ago 1 comment
EC-CUBE
Bump the composer group across 1 directory with 6 updates

Tamsin-Rouaud/critipixel #2

6.4.23 → 7.3.1 Major PR
Open 12 months ago
Tamsin-Rouaud
Bump symfony/security-http from 6.4.0 to 6.4.22

sfu-dhil/mvm #196

6.4.0 → 6.4.22 Patch PR
Open 12 months ago 1 comment
sfu-dhil
Bump symfony/security-http from 7.0.7 to 7.3.0

RBZ-code/SymRecipe #7

7.0.7 → 7.3.0 Minor PR
Open 12 months ago
RBZ-code
Bump symfony/security-http from 6.4.3 to 6.4.22

Developartment/symfony-sandbox #205

6.4.3 → 6.4.22 Patch PR
Open about 1 year ago
Developartment
feat(deps): bump the all-deps group with 26 updates

VilnaCRM-Org/user-service #191

7.2.6 → 7.3.0 Minor PR
Closed about 1 year ago 3 comments
VilnaCRM-Org
fix: bump the symfony group with 52 updates

cedricziel/faro-shop #1504

7.2.6 → 7.3.0 Minor PR
Merged about 1 year ago 1 comment
cedricziel
Bump the composer group across 1 directory with 2 updates

Vrosier800/Mariage-Symfony #2

7.1.7 → 7.2.6 Minor PR
Merged about 1 year ago
Vrosier800
chore(deps): bump symfony/security-http from 6.4.4 to 7.2.6

adrien-force/OC-P14-EX1-Adrien-Force #5

6.4.4 → 7.2.6 Major PR
Closed about 1 year ago
adrien-force
chore: composer(deps): bump the all group in /webservice with 27 updates

pfadfinden/event-pager #116

7.2.4 → 7.2.6 Patch PR
Merged about 1 year ago 1 comment
pfadfinden
Bump symfony/security-http from 6.4.12 to 7.1.10 in /shared/homeless

nochlezhka/mks #137

6.4.12 → 7.1.10 Major PR
Closed over 1 year ago
nochlezhka
build(deps): bump symfony/security-http from 6.4.15 to 7.2.1

IGNF/cartes.gouv.fr #597

6.4.15 → 7.2.1 Major PR
Open over 1 year ago 1 comment
IGNF
chore(deps): bump symfony/security-http from 6.4.15 to 7.2.0

UN-OCHA/ocha-api-site #145

6.4.15 → 7.2.0 Major PR
Closed over 1 year ago 2 comments
UN-OCHA
Bump symfony/security-http from 6.4.14 to 7.2.0

xmmedia/starter_symfony_4 #55

6.4.14 → 7.2.0 Major PR
Open over 1 year ago 3 comments
xmmedia
Bump symfony/security-http from 6.4.15 to 7.2.0

chamilo/chamilo-lms #5949

6.4.15 → 7.2.0 Major PR
Closed over 1 year ago 3 comments
chamilo
Bump symfony/security-http from 6.4.11 to 7.2.0

osmbe/osm-welcome-tool #1501

6.4.11 → 7.2.0 Major PR
Closed over 1 year ago
osmbe
build(deps): bump symfony/security-http from 6.4.7 to 6.4.15

ar-koder/devtools #442

6.4.7 → 6.4.15 Patch PR
Open over 1 year ago 2 comments
ar-koder
Bump symfony/security-http from 6.4.8 to 6.4.15 in /www

openbenches/openbenches.org #381

6.4.8 → 6.4.15 Patch PR
Closed over 1 year ago
openbenches
Bump symfony/security-http from 6.4.12 to 6.4.15

wecmk/wec-sermons-area #56

6.4.12 → 6.4.15 Patch PR
Closed over 1 year ago
wecmk
chore(deps): bump symfony/security-http from 6.3.8 to 6.4.15 in /demo

phrase/phrase-in-context-editor-symfony #16

6.3.8 → 6.4.15 Minor PR
Merged over 1 year ago 1 comment
phrase
⬆️ Bump symfony/security-http from 6.3.1 to 6.4.15

JAGFx/bugr2 #8

6.3.1 → 6.4.15 Minor PR
Closed over 1 year ago
JAGFx
Bump symfony/security-http from 5.4.45 to 5.4.47

crosiersource/crosierlib-base #43

5.4.45 → 5.4.47 Patch PR
Merged over 1 year ago
crosiersource
Bump symfony/security-http from 5.4.41 to 5.4.47

camdram/camdram #2499

5.4.41 → 5.4.47 Patch PR
Open over 1 year ago 1 comment
camdram
Bump symfony/security-http from 7.1.7 to 7.1.8

Nyuwb/nyuw.dev #65

7.1.7 → 7.1.8 Patch PR
Merged over 1 year ago 1 comment
Nyuwb
Bump symfony/security-http from 5.4.12 to 5.4.47 in /symfony

LegoMany/pos #12

5.4.12 → 5.4.47 Patch PR
Closed over 1 year ago
LegoMany
Package Details
Name: symfony/security-http
Ecosystem: packagist
PURL Type: composer
Package URL: pkg:composer/symfony/security-http
JSON API: View JSON
Security Advisories

16

Active advisories
HIGH 7
MODERATE 8
LOW 1
View All composer Advisories
Package Information
Description:

Symfony Security Component - HTTP Integration

Repository: https://github.com/symfony/security-http
Homepage: https://symfony.com
Latest Release: v7.3.0
about 1 year ago
Dependent Repos: 24,571
Dependent Packages: 135
Downloads: 132,454,987
Ranking: Top 0.0567% by dependent repos Top 0.0584% by downloads Top 0.2232% by dependent pkgs
PR Status
Open 18 (25.4%)
Merged 10 (14.1%)
Closed 37 (52.1%)
PR Types
Major 10 (14.1%)
Minor 15 (21.1%)
Patch 40 (56.3%)