Symfony Blog

All about Symfony releases, new Symfony features, and other important announcements

Remembering Ryan Weaver: Teacher, Core Team Member, Friend

Twig CVE-2024-51755: Unguarded calls to __isset() and to array-accesses in a sandbox

Twig CVE-2024-51755: Unguarded calls to __isset() and to array-accesses in a sandbox
November 6, 2024 #Security Advisories #Twig 👀 1

Twig CVE-2024-51754: Unguarded calls to __toString() in a sandbox when an object is in an array or an argument list

Twig CVE-2024-51754: Unguarded calls to __toString() in a sandbox when an object is in an array or an argument list
November 6, 2024 #Security Advisories #Twig 🚀 1

CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient
November 6, 2024 #Security Advisories

CVE-2024-50340: Ability to change environment from query

CVE-2024-50340: Ability to change environment from query
November 6, 2024 #Security Advisories ❤️ 2 🚀 1

CVE-2024-51736: Command execution hijack on Windows with Process class

CVE-2024-51736: Command execution hijack on Windows with Process class
November 6, 2024 #Security Advisories

CVE-2024-50345: Open redirect via browser-sanitized URLs

CVE-2024-50345: Open redirect via browser-sanitized URLs
November 6, 2024 #Security Advisories 🚀 2

CVE-2024-50343: Incorrect response from Validator when input ends with `\n`

CVE-2024-50343: Incorrect response from Validator when input ends with `\n`
November 6, 2024 #Security Advisories

CVE-2024-50341: Security::login does not take into account custom user_checker

CVE-2024-50341: Security::login does not take into account custom user_checker
November 6, 2024 #Security Advisories 🚀 2

Symfony 7.2.0-BETA2 released

Read release notes
November 6, 2024 #Releases

Symfony 7.1.7 released

Read release notes
November 6, 2024 #Releases