CVE-2026-48736
Publication date 29 May 2026
Last updated 6 June 2026
Ubuntu priority
Description
[Unknown description]
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| symfony | 26.04 LTS resolute |
Needs evaluation
|
| 25.10 questing |
Needs evaluation
|
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2026-48736
- https://symfony.com/blog/cve-2026-48736-iputils-private-subnets-omits-ipv6-transition-forms-ssrf-bypass-in-noprivatenetworkhttpclient
- https://github.com/symfony/symfony/commit/85b831555be8ea1f43bf01078afe87bc4c92f65e (v6.4.41)
- https://github.com/symfony/symfony/commit/82765368cf74177c36613575182f168a2eb765b2 (v5.4.53)