GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106 advisories
Cookie persistence after password changes in symfony/security-bundle
Moderate
CVE-2021-41268
was published
for
symfony/security-bundle
(Composer)
Nov 24, 2021
Password Change Vulnerability
Moderate
CVE-2023-49804
was published
for
uptime-kuma
(npm)
Dec 12, 2023
Symfony possible session fixation vulnerability
Moderate
CVE-2023-46733
was published
for
symfony/security-http
(Composer)
Nov 12, 2023
Passport vulnerable to session regeneration when a users logs in or out
Moderate
CVE-2022-25896
was published
for
passport
(npm)
Jul 2, 2022
Symfony vulnerable to Session Fixation of CSRF tokens
Moderate
CVE-2022-24895
was published
for
symfony/security-bundle
(Composer)
Feb 1, 2023
ProTip!
Advisories are also available from the
GraphQL API