Error pipeline


I have an issue when pushing my project update, can anyone help me?

Hi,

can you share the .gitlab-ci.yml config file for the report_security job? It seems that your symphony dependencies pull in vulnerable versions - I haven’t worked with PHP and symphony but I would look into composer.lock and likewise the composer config to figure out where this is coming from. Refreshing the dependencies might also help :slight_smile:

Cheers,
Michael

Hi,
you can find your solution on the CVE page : https://symfony.com/blog/cve-2020-5274-fix-exception-message-escaping-rendered-by-errorhandler

Your sympfony version is affected by this CVE and you can resolve it migrate in 4.4.4

1 Like