Affected versions
Symfony UX symfony/ux-live-component and symfony/ux-twig-component versions <2.25.1 are affected by this security issue.
The issue has been fixed in the 2.25.1 version of these packages.
Description
Rendering {{ attributes }} or using… https://symfony.com/blog/symfony-ux-cve-2025-47946-unsanitized-html-attribute-injection-via-componentattributes?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony has been reducing the need for configuration in applications for several years now. Thanks to PHP attributes, you can now configure most things alongside the relevant code, removing the need for external files and formats like YAML. However, YAML… https://symfony.com/blog/new-in-symfony-7-3-yaml-improvements?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
This week, development activity focused on polishing Symfony 7.3 ahead of its final release in two weeks. We also continued publishing articles highlighting the new features of Symfony 7.3 and shared updates about the upcoming SymfonyOnline June 2025 conference.… https://symfony.com/blog/a-week-of-symfony-959-may-12-18-2025?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
SymfonyOnline June 2025 is almost here, starting in a few weeks on:
June 10-11: Workshop days. June 12-13: Online conference days in English. All talks will be available for replay as soon as they go live.
🎤 Talk announcement, Fabien Potencier… https://symfony.com/blog/symfonyonline-june-2025-keynote-symfony-in-2025-scaling-to-zero?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 7.3 introduces several enhancements to the DependencyInjection component that simplify service configuration, make autoconfiguration more flexible, and enable environment-specific aliasing.
Service Closure Shorthand… https://symfony.com/blog/new-in-symfony-7-3-dependency-injection-improvements?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Contributed by Nicolas Grekas in
59813…
SymfonyOnline June 2025 is almost here, starting in almost 2 months on:
June 10-11: Workshop days. It is possible to attend 1 two-day training or 2 one-day trainings. June 12-13: Online conference days in English. All talks will be available for… https://symfony.com/blog/symfonyonline-june-2025-building-an-automated-trading-system-with-symfony?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony security includes several significant improvements and new features in Symfony 7.3.
Deprecate eraseCredentials() Method… https://symfony.com/blog/new-in-symfony-7-3-security-improvements?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
SymfonyOnline June 2025 is almost here, starting in almost 2 months on:
June 10-11: Workshop days June 12-13: Online conference days in English. All talks will be available for replay as soon as they go live
🎤Talk announcement
👏We’re happy to… https://symfony.com/blog/symfonyonline-june-2025-demystify-the-magic-of-the-container?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Contributed by Antoine Bluchet in
51741
and…