symfony/twig-bridge
Packagist2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting symfony/twig-bridgepage 1 of 1
- CVE-2023-46734MEDIUMCVSS 6.1EG 6.1✓ Fixed in 6.3.82023-11-10
vulnerable: v6.0.0 ... v6.3.5 (42 versions)
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe…
- CVE-2026-45072LOWCVSS 0.0EG 0.0✓ Fixed in 6.4.402026-05-27
vulnerable: v6.4.24 ... v6.4.36 (8 versions)
Symfony Vulnerable to stored XSS in WebProfiler CodeExtension::fileExcerpt() — Unescaped Non-PHP File Rendering ### Description Symfony's profiler, a development only debug UI, renders source-code excerpts on several pages using Twig's…
Check whether symfony/twig-bridge is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for symfony/twig-bridge CVEs against the assets you own.
Start Free Scan →