symfony/symfony is vulnerable to arbitrary code execution. The vulnerability exists as the VarExporter
does not properly escape strings, allowing strings with newlines to be executed.
github.com/symfony/symfony/commit/0524868cbf3d3a36e0af804432016d5a6d98169a
github.com/symfony/symfony/commit/d446d7733abd8807ff43e7a689065e6ebc48e32a
github.com/symfony/symfony/releases/tag/v4.3.8
github.com/symfony/var-exporter/compare/d8bf442...57e00f3
symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter
symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
symfony.com/blog/symfony-4-3-8-released