symfont/process typosquatting malware spoofs symfony/process · GHSA-g3j5-mpp2-2fqm · GitHub Advisory Database · GitHub

symfont/process typosquatting malware spoofs symfony/process

High severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 26, 2023

Package

symfont/process (Composer)

Affected versions

>= 0

Patched versions

None

Description

In September 2021, security researchers discovered a malicious Composer package called symfont/process, a typosquat targeting users of symfony/process. The malicious package has since been removed from Packagist.

References

Published to the GitHub Advisory Database Jan 26, 2023

Reviewed Jan 26, 2023

Last updated Jan 26, 2023