CVE-2026-45065
MEDIUM SEVERITYVulnerability Description
Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
composer
Product
symfony/routing
External References
- https://github.com/symfony/symfony/security/advisories/GHSA-72xp-p242-47p9
- https://github.com/symfony/symfony/commit/bcf487c22f3240ba994124e0e0fe8616f3cfc47a
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/routing/CVE-2026-45065.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45065.yaml
- https://symfony.com/cve-2026-45065
- https://github.com/advisories/GHSA-72xp-p242-47p9
Discussion (0)
Add Comment
No comments yet. Be the first!