CVE-2025-64500 - Symfony's incorrect parsing of PATH_INFO can lead to limited authorization bypass
CVE ID : CVE-2025-64500
Published : 12 novembre 2025 22:15 | 24 minutes ago
Description : Symfony is a PHP framework for web and console applications and a set of reusable ...
CVE ID : CVE-2025-64500
Published : 12 novembre 2025 22:15 | 24 minutes ago
Description : Symfony is a PHP framework for web and console applications and a set of reusable ...
CVE-2025-64500 - Symfony's incorrect parsing of PATH_INFO can lead to limited authorization bypass
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony's HttpFoundation component defines an object-oriented layer for the HTTP specification. Starting in version 2.0.0 and prior to version 5.4.50, 6.4.29, and 7.3.7, the `Request` class improperly interprets some `PATH_INFO` in a way …
cvefeed.io
November 13, 2025 at 12:25 AM
CVE-2025-64500 - Symfony's incorrect parsing of PATH_INFO can lead to limited authorization bypass
CVE ID : CVE-2025-64500
Published : 12 novembre 2025 22:15 | 24 minutes ago
Description : Symfony is a PHP framework for web and console applications and a set of reusable ...
CVE ID : CVE-2025-64500
Published : 12 novembre 2025 22:15 | 24 minutes ago
Description : Symfony is a PHP framework for web and console applications and a set of reusable ...
🎉 Something epic is coming for Symfony’s 20th anniversary… 📖
A comic book telling the story of Symfony, 20 years in the making, like never before.
Can you guess what it is?
#Symfony #DevCommunity #PHP
A comic book telling the story of Symfony, 20 years in the making, like never before.
Can you guess what it is?
#Symfony #DevCommunity #PHP
November 5, 2025 at 9:00 AM
🎉 Something epic is coming for Symfony’s 20th anniversary… 📖
A comic book telling the story of Symfony, 20 years in the making, like never before.
Can you guess what it is?
#Symfony #DevCommunity #PHP
A comic book telling the story of Symfony, 20 years in the making, like never before.
Can you guess what it is?
#Symfony #DevCommunity #PHP
Matt Mochalkin walks us through Symfony’s ObjectMapper component, which automates object-to-object transformations with just a few lines of code. A must-read for cleaner, more maintainable Symfony applications!
dev.to/mattleads/ef...
#symfony #php #symfonydevs
dev.to/mattleads/ef...
#symfony #php #symfonydevs
Effortless Data Mapping in Symfony: A Deep Dive into the ObjectMapper!
Imagine you’re building a modern API with Symfony. You’re meticulous about your architecture,...
dev.to
October 28, 2025 at 10:01 AM
Matt Mochalkin walks us through Symfony’s ObjectMapper component, which automates object-to-object transformations with just a few lines of code. A must-read for cleaner, more maintainable Symfony applications!
dev.to/mattleads/ef...
#symfony #php #symfonydevs
dev.to/mattleads/ef...
#symfony #php #symfonydevs
🚴♂️ #SymfonyCon Amsterdam 2025 is just 1 month away! 🌷
We’re proud to be a Diamond Sponsor
Can’t wait to celebrate Symfony’s 20th anniversary with the community! 🥳
📅 Nov 27–28 |📍Amsterdam
👉 tinyurl.com/29ua6pfe
We’re proud to be a Diamond Sponsor
Can’t wait to celebrate Symfony’s 20th anniversary with the community! 🥳
📅 Nov 27–28 |📍Amsterdam
👉 tinyurl.com/29ua6pfe
October 27, 2025 at 3:47 PM
🚴♂️ #SymfonyCon Amsterdam 2025 is just 1 month away! 🌷
We’re proud to be a Diamond Sponsor
Can’t wait to celebrate Symfony’s 20th anniversary with the community! 🥳
📅 Nov 27–28 |📍Amsterdam
👉 tinyurl.com/29ua6pfe
We’re proud to be a Diamond Sponsor
Can’t wait to celebrate Symfony’s 20th anniversary with the community! 🥳
📅 Nov 27–28 |📍Amsterdam
👉 tinyurl.com/29ua6pfe
⏳ Exactly 30 days to go! SymfonyCon Amsterdam 2025 is almost here! :fusée:
Celebrate 20 years of Symfony, bring your best ideas, your energy and get ready for two days of connecting with Symfony's Global community! 💜
#SymfonyCon #Amsterdam2025 #PHP #Symfony
Celebrate 20 years of Symfony, bring your best ideas, your energy and get ready for two days of connecting with Symfony's Global community! 💜
#SymfonyCon #Amsterdam2025 #PHP #Symfony
October 27, 2025 at 2:10 PM
⏳ Exactly 30 days to go! SymfonyCon Amsterdam 2025 is almost here! :fusée:
Celebrate 20 years of Symfony, bring your best ideas, your energy and get ready for two days of connecting with Symfony's Global community! 💜
#SymfonyCon #Amsterdam2025 #PHP #Symfony
Celebrate 20 years of Symfony, bring your best ideas, your energy and get ready for two days of connecting with Symfony's Global community! 💜
#SymfonyCon #Amsterdam2025 #PHP #Symfony
The schedule for SymfonyCon Amsterdam 2025 is live! Over 35 expert speakers, 13 workshops, an unconference track, and Symfony’s 20th anniversary celebration. Be there 25–28 November!
symfony.cmail19.com/t/y-e-qhjtik...
#symfony #symfonycon
symfony.cmail19.com/t/y-e-qhjtik...
#symfony #symfonycon
Regular tickets Ends Wednesday! – Are you ready? 🎉
🎟️ Regular tickets ends tomorrow (October 8th, 23:59 CET)! Don’t miss your chance to secure your seat before prices increase by choosing one of the following options:
symfony.cmail19.com
October 24, 2025 at 7:00 AM
The schedule for SymfonyCon Amsterdam 2025 is live! Over 35 expert speakers, 13 workshops, an unconference track, and Symfony’s 20th anniversary celebration. Be there 25–28 November!
symfony.cmail19.com/t/y-e-qhjtik...
#symfony #symfonycon
symfony.cmail19.com/t/y-e-qhjtik...
#symfony #symfonycon
Map DTOs to Entities in Symfony with ObjectMapper
Symfony’s ObjectMapper eliminates repetitive DTO-to-entity code by mapping objects directly (no array round-trip), supports updates to existing entities, and offers fine-grained control via #[Map] for renaming, transforming, and …
#hackernews #news
Symfony’s ObjectMapper eliminates repetitive DTO-to-entity code by mapping objects directly (no array round-trip), supports updates to existing entities, and offers fine-grained control via #[Map] for renaming, transforming, and …
#hackernews #news
Map DTOs to Entities in Symfony with ObjectMapper
Symfony’s ObjectMapper eliminates repetitive DTO-to-entity code by mapping objects directly (no array round-trip), supports updates to existing entities, and offers fine-grained control via #[Map] for renaming, transforming, and conditional mapping. It plays nicely with modern workflows (#[MapRequestPayload] for DTOs, then map to domain), keeps controllers lean, improves testability in hexagonal architectures, and can ease legacy refactors. Use the Serializer for format conversion; use ObjectMapper for object-to-object. Although currently experimental, it already delivers cleaner, faster, and more maintainable API layers.
hackernoon.com
October 15, 2025 at 7:41 PM
Map DTOs to Entities in Symfony with ObjectMapper
Symfony’s ObjectMapper eliminates repetitive DTO-to-entity code by mapping objects directly (no array round-trip), supports updates to existing entities, and offers fine-grained control via #[Map] for renaming, transforming, and …
#hackernews #news
Symfony’s ObjectMapper eliminates repetitive DTO-to-entity code by mapping objects directly (no array round-trip), supports updates to existing entities, and offers fine-grained control via #[Map] for renaming, transforming, and …
#hackernews #news
Everything You Can Expect With Symfony 7.4
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks.
#hackernews #news
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks.
#hackernews #news
Everything You Can Expect With Symfony 7.4
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks.
hackernoon.com
October 15, 2025 at 12:43 AM
Everything You Can Expect With Symfony 7.4
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks.
#hackernews #news
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks.
#hackernews #news
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks. #symfony
Everything You Can Expect With Symfony 7.4
hackernoon.com
October 14, 2025 at 4:59 AM
Symfony’s Core Team crammed this release with big Developer Experience (DX) improvements, sweet performance gains, and vital architecture tweaks. #symfony
Last talk of the day #ForumPHP by @mtarld.bsky.social for a deep dive into #Symfony’s BC promise and how to handle deprecations like you manage dirty socks 🧦
October 10, 2025 at 2:17 PM
Last talk of the day #ForumPHP by @mtarld.bsky.social for a deep dive into #Symfony’s BC promise and how to handle deprecations like you manage dirty socks 🧦
Performance boost round 2: we'll Use Symfony’s Cache Contracts to cut DB queries - and check out cache tagging!
Performance Optimization 1: Caching
We have some in-memory memoization happening to reduce database calls, but, only for the duration of a single request. We're still seeing 4 queries on the French homepage
symfonycasts.com
October 10, 2025 at 9:02 AM
Performance boost round 2: we'll Use Symfony’s Cache Contracts to cut DB queries - and check out cache tagging!
Symfony’s Webhook and RemoteEvent components power secure, scalable, real-time apps and enable true two-way communication. #ai
Building Two-Way Conversations Between Apps
hackernoon.com
September 25, 2025 at 5:08 AM
Symfony’s Webhook and RemoteEvent components power secure, scalable, real-time apps and enable true two-way communication. #ai
#SymfonyCon Amsterdam 2025: Speaker announcement! 🎤
💻 Rediscover the Console
Join Robin Chalas to explore Symfony’s most ubiquitous component, its brand-new redesign in 7.3, and the possibilities it unlocks for the future! https://symfony.com/blog/symfonycon-amsterdam-2025-rediscover-the-console
💻 Rediscover the Console
Join Robin Chalas to explore Symfony’s most ubiquitous component, its brand-new redesign in 7.3, and the possibilities it unlocks for the future! https://symfony.com/blog/symfonycon-amsterdam-2025-rediscover-the-console
September 23, 2025 at 12:31 PM
#SymfonyCon Amsterdam 2025: Speaker announcement! 🎤
💻 Rediscover the Console
Join Robin Chalas to explore Symfony’s most ubiquitous component, its brand-new redesign in 7.3, and the possibilities it unlocks for the future! https://symfony.com/blog/symfonycon-amsterdam-2025-rediscover-the-console
💻 Rediscover the Console
Join Robin Chalas to explore Symfony’s most ubiquitous component, its brand-new redesign in 7.3, and the possibilities it unlocks for the future! https://symfony.com/blog/symfonycon-amsterdam-2025-rediscover-the-console
Laravel Tip 💡: Detect User Language
Laravel uses Symfony's HttpFoundation component, which comes with some nice goodies. If you are working with localization and need to detect the user's preferred language, you can just call "getPreferredLanguage" 🚀
#laravel
Laravel uses Symfony's HttpFoundation component, which comes with some nice goodies. If you are working with localization and need to detect the user's preferred language, you can just call "getPreferredLanguage" 🚀
#laravel
September 14, 2025 at 6:57 PM
Laravel Tip 💡: Detect User Language
Laravel uses Symfony's HttpFoundation component, which comes with some nice goodies. If you are working with localization and need to detect the user's preferred language, you can just call "getPreferredLanguage" 🚀
#laravel
Laravel uses Symfony's HttpFoundation component, which comes with some nice goodies. If you are working with localization and need to detect the user's preferred language, you can just call "getPreferredLanguage" 🚀
#laravel
🚨 #APIPlatformCon speaker reveal! We're very glad to welcome Imen Ezzine from @sensiolabs.com. Don’t miss her talk: “Symfony et l’Injection de Dépendances : Du passé au futur”, a journey through Dependency Injection and how it shapes performance and simplicity.
api-platform.com/fr/con/2025
api-platform.com/fr/con/2025
September 3, 2025 at 10:09 AM
🚨 #APIPlatformCon speaker reveal! We're very glad to welcome Imen Ezzine from @sensiolabs.com. Don’t miss her talk: “Symfony et l’Injection de Dépendances : Du passé au futur”, a journey through Dependency Injection and how it shapes performance and simplicity.
api-platform.com/fr/con/2025
api-platform.com/fr/con/2025
#Drupal core change: Symfony's `File` validation constraint is now available to all core code (2025-08-28) #PHP. See https://www.drupal.org/node/3537390
August 28, 2025 at 10:30 AM
#Drupal core change: Symfony's `File` validation constraint is now available to all core code (2025-08-28) #PHP. See https://www.drupal.org/node/3537390
Join the Symfony community in Amsterdam on 29 November for a free hackathon! Contribute to Symfony’s future, get mentored as a new contributor, and help improve testing and security. Can’t make it? Join remotely on GitHub!
symfony.com/blog/symfony...
#symfony #hackathon #opensource
symfony.com/blog/symfony...
#symfony #hackathon #opensource
SymfonyCon Amsterdam 2025: Join the Symfony Hackathon: Collaborate, Contribute, Create (Symfony Blog)
Ready to contribute to Symfony? On Nov 29, we’re hosting a Hackday in Amsterdam focused on mentoring, roadmap planning, testing, and more. Come shape the future of Symfony!
bit.ly
August 22, 2025 at 7:00 AM
Join the Symfony community in Amsterdam on 29 November for a free hackathon! Contribute to Symfony’s future, get mentored as a new contributor, and help improve testing and security. Can’t make it? Join remotely on GitHub!
symfony.com/blog/symfony...
#symfony #hackathon #opensource
symfony.com/blog/symfony...
#symfony #hackathon #opensource
Hot Tip Wednesday! Need dynamic options in your select fields? Use Symfony’s expression language to populate dropdowns with service data! Perfect for API-driven choices, localized options, and maintainable select lists.
docs.sulu.io/en/2.6/cookb...
#sulucms #symfony
docs.sulu.io/en/2.6/cookb...
#sulucms #symfony
August 20, 2025 at 7:00 AM
Hot Tip Wednesday! Need dynamic options in your select fields? Use Symfony’s expression language to populate dropdowns with service data! Perfect for API-driven choices, localized options, and maintainable select lists.
docs.sulu.io/en/2.6/cookb...
#sulucms #symfony
docs.sulu.io/en/2.6/cookb...
#sulucms #symfony
How can we *consume* messages from the queue asynchronously? By running Symfony’s worker command: php bin/console messenger:consume Dispatching new messages and watching them get handled async automatically? Gorgeous!
Worker Command
Even if I refresh the page, now that our messages aren't being handled immediately... the four most recent photos don't have Ponka in them. That's tragic! Instead, those messages were sent to the…
symfonycasts.com
August 18, 2025 at 9:04 AM
How can we *consume* messages from the queue asynchronously? By running Symfony’s worker command: php bin/console messenger:consume Dispatching new messages and watching them get handled async automatically? Gorgeous!
Not sure how I should take that answer from Claude 😅
July 12, 2025 at 10:11 AM
Not sure how I should take that answer from Claude 😅
🎤 Speaker Announcement
Alexander M. Turek joins @pimcore.bsky.social Community Dev Days with his talk "Deep Dive into Symfony's Dependency Injection Component".
📍 Frankfurt am Main
📅 13 November 2025
ℹ️ More 🔗 t1p.de/exsej
🎟️ Tickets 🔗 t1p.de/hlbkj
👔 LinkedIn 🔗 t1p.de/6xssv
#Pimcore #Symfony
Alexander M. Turek joins @pimcore.bsky.social Community Dev Days with his talk "Deep Dive into Symfony's Dependency Injection Component".
📍 Frankfurt am Main
📅 13 November 2025
ℹ️ More 🔗 t1p.de/exsej
🎟️ Tickets 🔗 t1p.de/hlbkj
👔 LinkedIn 🔗 t1p.de/6xssv
#Pimcore #Symfony
![Announcement graphic for Pimcore Community Dev Days 2025, featuring speaker Alexander M. Turek. On the left, event details including the session title 'Deep Dive into Symfony's Dependency Injection Component' and logos for +Pluswerk and Pimcore Dev Days. On the right, a photo of Alexander M. Turek and his logo '[AMT]' against a background of binary code.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:gq65gny6nzzgbadtsfy2esak/bafkreiddxn4tzbboe4d2enlxtjbmrlnj5f6rgjb32gkpuryzvfw33ce2wi@jpeg)
July 11, 2025 at 6:12 PM
🎤 Speaker Announcement
Alexander M. Turek joins @pimcore.bsky.social Community Dev Days with his talk "Deep Dive into Symfony's Dependency Injection Component".
📍 Frankfurt am Main
📅 13 November 2025
ℹ️ More 🔗 t1p.de/exsej
🎟️ Tickets 🔗 t1p.de/hlbkj
👔 LinkedIn 🔗 t1p.de/6xssv
#Pimcore #Symfony
Alexander M. Turek joins @pimcore.bsky.social Community Dev Days with his talk "Deep Dive into Symfony's Dependency Injection Component".
📍 Frankfurt am Main
📅 13 November 2025
ℹ️ More 🔗 t1p.de/exsej
🎟️ Tickets 🔗 t1p.de/hlbkj
👔 LinkedIn 🔗 t1p.de/6xssv
#Pimcore #Symfony
Laravel boosts Symfony's vibe; PestPHP cranks PHPUnit's tests! 🐘
What's your favourite PHP tool or project? 🤔
What's your favourite PHP tool or project? 🤔
June 23, 2025 at 12:17 PM
Laravel boosts Symfony's vibe; PestPHP cranks PHPUnit's tests! 🐘
What's your favourite PHP tool or project? 🤔
What's your favourite PHP tool or project? 🤔
yes, we’ve got typescript in php: phpstan. rector to refactor legacy code in seconds, and symfony’s var-dumper for the best debugger in the world. ✨ youtube.com/shorts/M_5e3...
TypeScript in PHP?! Refactor Legacy Code and the BEST Debugger Ever!
YouTube video by Nuno Maduro
youtube.com
June 10, 2025 at 10:36 AM
yes, we’ve got typescript in php: phpstan. rector to refactor legacy code in seconds, and symfony’s var-dumper for the best debugger in the world. ✨ youtube.com/shorts/M_5e3...
📦 sunkan/console-select 4.0.0
A fancy selection interface for symfony's console component.
🔗 https://github.com/sunkan/console-select
A fancy selection interface for symfony's console component.
🔗 https://github.com/sunkan/console-select
May 26, 2025 at 11:10 AM
📦 sunkan/console-select 4.0.0
A fancy selection interface for symfony's console component.
🔗 https://github.com/sunkan/console-select
A fancy selection interface for symfony's console component.
🔗 https://github.com/sunkan/console-select