Packagist Package Vulnerabilities
All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,798 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 251.symfony/form3 CVEs
- 252.symfony/mime3 CVEs
- 253.symfony/routing3 CVEs
- 254.symfony/ux-autocomplete3 CVEs
- 255.torrentpier/torrentpier3 CVEs
- 256.typo3/cms-recycler3 CVEs
- 257.unisharp/laravel-filemanager3 CVEs
- 258.uvdesk/community-skeleton3 CVEs
- 259.verbb/comments3 CVEs
- 260.verot/class.upload.php3 CVEs
- 261.web-auth/webauthn-framework3 CVEs
- 262.wintercms/winter3 CVEs
- 263.yungifez/skuul3 CVEs
- 264.zencart/zencart3 CVEs
- 265.zendframework/zendopenid3 CVEs
- 266.zendframework/zendrest3 CVEs
- 267.zendframework/zendservice-amazon3 CVEs
- 268.zendframework/zendservice-api3 CVEs
- 269.zendframework/zendservice-audioscrobbler3 CVEs
- 270.zendframework/zendservice-nirvanix3 CVEs
- 271.zendframework/zendservice-slideshare3 CVEs
- 272.zendframework/zendservice-technorati3 CVEs
- 273.zendframework/zendservice-windowsazure3 CVEs
- 274.aimeos/ai-client-html2 CVEs
- 275.aimeos/ai-controller-frontend2 CVEs
- 276.aimeos/aimeos-core2 CVEs
- 277.akeneo/pim-community-dev2 CVEs
- 278.alexusmai/laravel-file-manager2 CVEs
- 279.apereo/phpcas2 CVEs
- 280.api-platform/graphql2 CVEs
- 281.athlon1600/php-proxy2 CVEs
- 282.athlon1600/php-proxy-app2 CVEs
- 283.austintoddj/canvas2 CVEs
- 284.backpack/crud2 CVEs
- 285.bacula-web/bacula-web2 CVEs
- 286.bolt/core2 CVEs
- 287.born05/craft-twofactorauthentication2 CVEs
- 288.cecil/cecil2 CVEs
- 289.codeigniter/framework2 CVEs
- 290.components/jquery2 CVEs
- 291.cpsit/typo3-mailqueue2 CVEs
- 292.datahihi1/tiny-env2 CVEs
- 293.derhansen/sf_event_mgt2 CVEs
- 294.dmk/webkitpdf2 CVEs
- 295.drupal/civictheme2 CVEs
- 296.drupal/google_tag2 CVEs
- 297.drupal/quick_node_block2 CVEs
- 298.elijaa/phpmemcacheadmin2 CVEs
- 299.encore/laravel-admin2 CVEs
- 300.erusev/parsedown2 CVEs
Which Packagist packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →