FriendsOfPHP/security-advisories

Issues

• [Discussion] Adopt OSV unified vulnerability schema for open source

  #576 opened a month ago by jaylinski
  2

• Missing 2 phpseclib/phpseclib vulnerabilities (CVE-2024-27354, CVE-2024-27355)

  #720 opened 8 months ago by TarasIrisCRM
  0

• Import advisories from the Github security vulnerability database automatically

  #626 opened 2 years ago by klausi
  10

• Missing api-platform CVE

  #674 opened 2 years ago by rmikalkenas
  1

• Support for Composer 1 is deprecated and some packages will not be available.

  #667 opened 2 years ago by kenjis
  5

• PHP Deprecated: Return type of Composer\Repository\ArrayRepository::count() should either be compatible with Countable::count()

  #666 opened 2 years ago by kenjis
  2

• Typosquatting Malware symfont/process

  #587 opened 3 years ago by jonkerw85
  3

• Work with Github to fix their Advisory Database importer?

  #537 opened 4 years ago by chillu
  3

• Using exact version constraint without boundaries are faling the validation

  #408 opened 4 years ago by ocramleznem
  5

• Consider Adopting Package URL

  #354 opened 4 years ago by stevespringett
  3

• Consider adding a vulnerability id for non CVEs

  #465 opened 4 years ago by sbs2001
  2

• Laravel 5.8 marked as insecure when it's not in fact vulnerable to CVE-2021-3129

  #530 opened 4 years ago by paulcdejean
  4

• facade/ignition seems to be fixed in 2.4.2

  #543 opened 4 years ago by particleflux
  3

• Add level of severity for PHP Security Advisories

  #496 opened 4 years ago by TheGarious
  3

• propel: 2.0.0-alpha11

  #511 opened 4 years ago by DawoudIO
  11

• Flag unsupported versions

  #504 opened 4 years ago by Rudloff
  1

• Mr

  #469 opened 5 years ago by 211438755-svg
  0

• Would it be possible to add TYPO3 Extensions as well?

  #454 opened 5 years ago by tomasnorre
  8

• alterphp/easyadmin-extension-bundle/2018-10-02.yaml

  #450 opened 5 years ago by 211438755-svg
  2

• simplesamlphp v1.17.8 reported as insecure

  #428 opened 5 years ago by rjgwiz
  2

• Advisories didn't pushed

  #422 opened 5 years ago by j3r3m067
  0

• Wordpress advisories

  #383 opened 6 years ago by MacGyer
  2

• TYPO3 extension advisories

  #401 opened 6 years ago by smichaelsen
  4

• March 2019 magento security releases

  #393 opened 6 years ago by bradjones1
  0

• Drupal security release

  #389 opened 6 years ago by mikkeschiren
  1

• (XSS) vulnerability in Silex before 2.0.0

  #377 opened 6 years ago by onlinesid
  1

• Multiple SQL injection vulnerabilities in the Doctrine\DBAL

  #378 opened 6 years ago by onlinesid
  1

• An error occurred: Could not resolve host: security.sensiolabs.org.

  #375 opened 6 years ago by prajapati-kaushik
  1

• Advisories for Drupal contrib

  #366 opened 6 years ago by eiriksm
  11

• False positive on drupal/search_api_solr

  #373 opened 6 years ago by Pton
  15

• Is there a way to restrict installing abandon libraries because of security issue?

  #372 opened 6 years ago by vijaycs85
  3

• Getting wrong warning - Drupal core 8.5.10

  #361 opened 6 years ago by mikkeschiren
  2

• Issue with security info for root package ezsystems/ezplatform

  #355 opened 6 years ago by andrerom
  12

• SilverStripe security advisories should come from the official RSS feed

  #340 opened 6 years ago by phptek
  4

• Document usage limits for security.sensiolabs.org

  #237 opened 6 years ago by legoktm
  9

• Update SwiftMailer v6 reference

  #321 opened 6 years ago by Simounet
  5

• Timezone of time entries?

  #309 opened 7 years ago by lxp
  2

• [VULN] FOSUserBundle change host location

  #294 opened 7 years ago by grelu
  2

• A few of our of composer lock files do not show advisory warnings using the Client but work using Curl

  #282 opened 7 years ago by alnutile
  1

• random_compat 1.x not insecure if on patched PHP version?

  #259 opened 7 years ago by andrerom
  3

• Support severity ranking in the YAML?

  #176 opened 7 years ago by h4ckninja
  3

• Report security-affected php versions?

  #129 opened 7 years ago by Ocramius
  10

• Implement auto-merging of advisories by a bot

  #218 opened 7 years ago by stof
  5

• typo in phpxmlrpc/extras/2017-10-29.yaml ?

  #245 opened 7 years ago by b4stet
  2

• Advistories typo

  #223 opened 7 years ago by PhilETaylor
  3

• Feature request: extend the schema to allow tags

  #203 opened 8 years ago by andrewhowdencom
  6

• Upcoming Magento security enhancements

  #202 opened 8 years ago by andrewhowdencom
  0

• Updating the database?

  #173 opened 8 years ago by ocramleznem
  0

• Add drupal/core

  #163 opened 8 years ago by davidbarratt
  0

• Yaml parsing fails with `symfony/yaml` 3.0.0

  #130 opened 9 years ago by Ocramius
  2