This check works by comparing the composer.lock against an open vulnerability database. A clean check does not mean there are absolutely no security problems whatsoever.

2.0.3 2018-04-20 09:44 UTC


This extension provides a way to automatically or manually check your installed vendor extensions and the Contao core against the open vulnerability database at FriendsOfPHP/security-advisories.

Author Software License Total Downloads


Features included:

  • Perform the check regularly.
  • Get an E-Mail if the audit failed in any way. (Or always get an email if a check was performed. Your choice.)
  • Start the check manually.
  • Suppress notifications for manually started checks.



Note: A clean check does not imply that there are no security problems present, it just means that the test against the underlying database reveiled nothing.