Hi,
can you share the .gitlab-ci.yml config file for the report_security job? It seems that your symphony dependencies pull in vulnerable versions - I haven’t worked with PHP and symphony but I would look into composer.lock and likewise the composer config to figure out where this is coming from. Refreshing the dependencies might also help 
Cheers,
Michael
Hi,
you can find your solution on the CVE page : https://symfony.com/blog/cve-2020-5274-fix-exception-message-escaping-rendered-by-errorhandler
Your sympfony version is affected by this CVE and you can resolve it migrate in 4.4.4
1 Like