Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,801 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 351.ptrofimov/beanstalk_console2 CVEs
  2. 352.react/http2 CVEs
  3. 353.rhukster/dom-sanitizer2 CVEs
  4. 354.robrichards/xmlseclibs2 CVEs
  5. 355.s9y/serendipity2 CVEs
  6. 356.sabre/dav2 CVEs
  7. 357.s-cart/core2 CVEs
  8. 358.s-cart/s-cart2 CVEs
  9. 359.setasign/fpdi2 CVEs
  10. 360.shuchkin/simplexlsx2 CVEs
  11. 361.simogeo/filemanager2 CVEs
  12. 362.simplesamlphp/saml2-legacy2 CVEs
  13. 363.simplesamlphp/simplesamlphp-module-casserver2 CVEs
  14. 364.simplesamlphp/simplesamlphp-module-infocard2 CVEs
  15. 365.sjbr/sr-freecap2 CVEs
  16. 366.slim/slim2 CVEs
  17. 367.solspace/craft-freeform2 CVEs
  18. 368.spipu/html2pdf2 CVEs
  19. 369.starcitizentools/tabber-neue2 CVEs
  20. 370.swiftmailer/swiftmailer2 CVEs
  21. 371.sylius/grid-bundle2 CVEs
  22. 372.symfony/framework-bundle2 CVEs
  23. 373.symfony/http-client2 CVEs
  24. 374.symfony/polyfill2 CVEs
  25. 375.symfony/process2 CVEs
  26. 376.symfony/runtime2 CVEs
  27. 377.symfony/twig-bridge2 CVEs
  28. 378.symfony/validator2 CVEs
  29. 379.symphonycms/symphony-22 CVEs
  30. 380.t3/dce2 CVEs
  31. 381.tikiwiki/tiki-manager2 CVEs
  32. 382.tltneon/lgsl2 CVEs
  33. 383.topthink/think2 CVEs
  34. 384.topthink/thinkphp2 CVEs
  35. 385.tpwd/ke_search2 CVEs
  36. 386.typo3/cms-beuser2 CVEs
  37. 387.typo3/cms-dashboard2 CVEs
  38. 388.typo3/cms-indexed-search2 CVEs
  39. 389.typo3/cms-workspaces2 CVEs
  40. 390.typo3fluid/fluid2 CVEs
  41. 391.typo3/phar-stream-wrapper2 CVEs
  42. 392.verbb/image-resizer2 CVEs
  43. 393.verbb/knock-knock2 CVEs
  44. 394.vufind/vufind2 CVEs
  45. 395.web-auth/webauthn-lib2 CVEs
  46. 396.web-tp3/wec_map2 CVEs
  47. 397.winter/wn-backend-module2 CVEs
  48. 398.winter/wn-cms-module2 CVEs
  49. 399.wp-graphql/wp-graphql2 CVEs
  50. 400.yiisoft/yii2-authclient2 CVEs

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →