Security Advisories - symfony/polyfill-intl-idn - Packagist.org

symfony/polyfill-intl-idn Security Advisories for v1.27.0 (1)

CVE-2026-46644: symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload decodes to ASCII-only: insecure equivalence

PKSA-dwsq-ppd2-mb1x CVE-2026-46644

Affected version: >=1.17.1,<1.38.1

Reported by:
FriendsOfPHP/security-advisories