symfony/runtime
Packagist2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting symfony/runtimepage 1 of 1
- CVE-2024-50340HIGHCVSS 7.3EG 9.0✓ Fixed in 7.1.72024-11-06
vulnerable: v7.0.0 ... v7.1.6 (9 versions)
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string…
- CVE-2026-47767MEDIUMCVSS 0.0EG 0.0✓ Fixed in 8.0.122026-06-09
vulnerable: v8.0.0, v8.0.1, v8.0.8
SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch ### Description CVE-2024-50340 (GHSA-x8vp-gf4q-mw5j) addressed an issue where, with `register_argc_argv=On`, a craf…
Check whether symfony/runtime is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for symfony/runtime CVEs against the assets you own.
Start Free Scan →