symfony/process Security Advisories for v2.7.31 (2)
-
[MEDIUM] Symfony's incorrect argument escaping under MSYS2/Git Bash can lead to destructive file operations on Windows
PKSA-rkkf-636k-qjb3 CVE-2026-24739 GHSA-r39x-jcww-82v6
Affected version: >=8.0,<8.0.5|>=7.4,<7.4.5|>=7.3,<7.3.11|>=6.4,<6.4.33|<5.4.51
Reported by:
GitHub -
[HIGH] CVE-2024-51736: Command execution hijack on Windows with Process class
PKSA-wws7-mr54-jsny CVE-2024-51736 GHSA-qq5c-677p-737q
Affected version: >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Reported by:
GitHub, FriendsOfPHP/security-advisories