CVE-2026-45756
LOW SEVERITYVulnerability Description
Symfony's JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits — ReDoS
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
composer
Product
symfony/json-path
External References
- https://github.com/symfony/symfony/security/advisories/GHSA-8v8v-g73j-492j
- https://github.com/symfony/symfony/commit/1ac2d47418ec23066112db1e6ca35be6fe123d14
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/json-path/CVE-2026-45756.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2026-45756.yaml
- https://symfony.com/cve-2026-45756
- https://github.com/advisories/GHSA-8v8v-g73j-492j
Discussion (0)
Add Comment
No comments yet. Be the first!