All the vulnerabilites related to sensiolabs - symfony
cve-2017-16653
Vulnerability from cvelistv5
Published
2018-08-06 21:00
Modified
2024-08-05 20:27
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/pull/24992 | x_refsource_CONFIRM | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:04.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/24992"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version \u003e=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-06T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/pull/24992"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version \u003e=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https"
},
{
"name": "https://github.com/symfony/symfony/pull/24992",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/pull/24992"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16653",
"datePublished": "2018-08-06T21:00:00",
"dateReserved": "2017-11-07T00:00:00",
"dateUpdated": "2024-08-05T20:27:04.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21424
Vulnerability from cvelistv5
Published
2021-05-13 00:00
Modified
2024-08-03 18:09
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:09:16.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"name": "FEDORA-2021-f3ad34aa9f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"name": "FEDORA-2021-121edb82dd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
},
{
"name": "FEDORA-2021-c57937ab9f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"name": "FEDORA-2021-2d145b95f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3493-1] symfony security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.4.48"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.4.23"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.2.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T00:00:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"name": "FEDORA-2021-f3ad34aa9f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"name": "FEDORA-2021-121edb82dd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
},
{
"name": "FEDORA-2021-c57937ab9f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"name": "FEDORA-2021-2d145b95f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3493-1] symfony security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-5pv8-ppvj-4h68",
"discovery": "UNKNOWN"
},
"title": "Prevent user enumeration using Guard or the new Authenticator-based Security"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-21424",
"datePublished": "2021-05-13T00:00:00",
"dateReserved": "2020-12-22T00:00:00",
"dateUpdated": "2024-08-03T18:09:16.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18343
Vulnerability from cvelistv5
Published
2018-07-20 00:00
Modified
2024-08-05 21:20
Severity ?
EPSS score ?
Summary
The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/23684 | x_refsource_MISC | |
| https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c | x_refsource_MISC | |
| https://github.com/symfony/symfony/issues/27987 | x_refsource_MISC | |
| https://github.com/barryvdh/laravel-debugbar/issues/850 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:20:50.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/23684"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/issues/27987"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/barryvdh/laravel-debugbar/issues/850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor\u0027s position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-19T23:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/23684"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/issues/27987"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/barryvdh/laravel-debugbar/issues/850"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor\u0027s position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/23684",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/23684"
},
{
"name": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c",
"refsource": "MISC",
"url": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c"
},
{
"name": "https://github.com/symfony/symfony/issues/27987",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/issues/27987"
},
{
"name": "https://github.com/barryvdh/laravel-debugbar/issues/850",
"refsource": "MISC",
"url": "https://github.com/barryvdh/laravel-debugbar/issues/850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18343",
"datePublished": "2018-07-20T00:00:00",
"dateReserved": "2018-07-19T00:00:00",
"dateUpdated": "2024-08-05T21:20:50.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11385
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 08:10
Severity ?
EPSS score ?
Summary
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/ | vendor-advisory, x_refsource_FEDORA | |
| https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:10:13.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the \"Guard\" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-10T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the \"Guard\" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2018-96d770ddc9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"
},
{
"name": "FEDORA-2018-eba0006df2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11385",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2018-05-22T00:00:00",
"dateUpdated": "2024-08-05T08:10:13.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10911
Vulnerability from cvelistv5
Published
2019-05-16 21:29
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_19_19 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-09T13:06:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash"
},
{
"name": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10911",
"datePublished": "2019-05-16T21:29:34",
"dateReserved": "2019-04-07T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10912
Vulnerability from cvelistv5
Published
2019-05-16 21:20
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized"
},
{
"name": "FEDORA-2019-0ef4149687",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/"
},
{
"name": "FEDORA-2019-f5d6a7ce74",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/"
},
{
"name": "FEDORA-2019-2a7f472198",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/"
},
{
"name": "FEDORA-2019-8635280de5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/"
},
{
"name": "FEDORA-2019-3ee6a7adf2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/"
},
{
"name": "FEDORA-2019-a3ca65028c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/"
},
{
"name": "FEDORA-2019-f8db687840",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/"
},
{
"name": "FEDORA-2019-32067d8b15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-12T13:32:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized"
},
{
"name": "FEDORA-2019-0ef4149687",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/"
},
{
"name": "FEDORA-2019-f5d6a7ce74",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/"
},
{
"name": "FEDORA-2019-2a7f472198",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/"
},
{
"name": "FEDORA-2019-8635280de5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/"
},
{
"name": "FEDORA-2019-3ee6a7adf2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/"
},
{
"name": "FEDORA-2019-a3ca65028c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/"
},
{
"name": "FEDORA-2019-f8db687840",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/"
},
{
"name": "FEDORA-2019-32067d8b15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized"
},
{
"name": "FEDORA-2019-0ef4149687",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/"
},
{
"name": "FEDORA-2019-f5d6a7ce74",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/"
},
{
"name": "FEDORA-2019-2a7f472198",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/"
},
{
"name": "FEDORA-2019-8635280de5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/"
},
{
"name": "FEDORA-2019-3ee6a7adf2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/"
},
{
"name": "FEDORA-2019-a3ca65028c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/"
},
{
"name": "FEDORA-2019-f8db687840",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/"
},
{
"name": "FEDORA-2019-32067d8b15",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/"
},
{
"name": "DSA-4441",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"name": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/",
"refsource": "CONFIRM",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10912",
"datePublished": "2019-05-16T21:20:12",
"dateReserved": "2019-04-07T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23601
Vulnerability from cvelistv5
Published
2022-02-01 12:17
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "5.3.14"
},
{
"status": "affected",
"version": "5.4.3"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-01T12:17:35",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
],
"source": {
"advisory": "GHSA-vvmr-8829-6whx",
"discovery": "UNKNOWN"
},
"title": "CSRF token missing in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-23601",
"STATE": "PUBLIC",
"TITLE": "CSRF token missing in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.3.14",
"version_value": "5.3.14"
},
{
"version_affected": "=",
"version_name": "5.4.3",
"version_value": "5.4.3"
},
{
"version_affected": "=",
"version_name": "6.0.3",
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"name": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
]
},
"source": {
"advisory": "GHSA-vvmr-8829-6whx",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23601",
"datePublished": "2022-02-01T12:17:35",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:43:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1348
Vulnerability from cvelistv5
Published
2014-06-02 15:00
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/81550 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/51980 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/57574 | vdb-entry, x_refsource_BID | |
| http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "symfony-php-files-code-execution(81550)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81550"
},
{
"name": "51980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "symfony-php-files-code-execution(81550)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81550"
},
{
"name": "51980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "symfony-php-files-code-execution(81550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81550"
},
{
"name": "51980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"name": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1348",
"datePublished": "2014-06-02T15:00:00",
"dateReserved": "2013-01-14T00:00:00",
"dateUpdated": "2024-08-06T14:57:05.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-19790
Vulnerability from cvelistv5
Published
2018-12-18 22:00
Modified
2024-08-05 11:44
Severity ?
EPSS score ?
Summary
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/ | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/106249 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/ | vendor-advisory, x_refsource_FEDORA | |
| https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http | x_refsource_CONFIRM | |
| https://www.debian.org/security/2019/dsa-4441 | vendor-advisory, x_refsource_DEBIAN | |
| https://seclists.org/bugtraq/2019/May/21 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:44:20.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2018-8c06b6defd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-10T15:06:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2018-8c06b6defd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2018-8c06b6defd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106249"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"name": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http"
},
{
"name": "DSA-4441",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/21"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19790",
"datePublished": "2018-12-18T22:00:00",
"dateReserved": "2018-12-02T00:00:00",
"dateUpdated": "2024-08-05T11:44:20.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6432
Vulnerability from cvelistv5
Published
2012-12-27 11:00
Modified
2024-09-16 20:06
Severity ?
EPSS score ?
Summary
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-27T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6432",
"datePublished": "2012-12-27T11:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T20:06:59.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1397
Vulnerability from cvelistv5
Published
2014-06-02 15:00
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/51980 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/57574 | vdb-entry, x_refsource_BID | |
| http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/81551 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"name": "symfony-php-objects-code-execution(81551)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\\Parser::parse function, a different vulnerability than CVE-2013-1348."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"name": "symfony-php-objects-code-execution(81551)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81551"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\\Parser::parse function, a different vulnerability than CVE-2013-1348."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51980"
},
{
"name": "57574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"name": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"name": "symfony-php-objects-code-execution(81551)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81551"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1397",
"datePublished": "2014-06-02T15:00:00",
"dateReserved": "2013-01-16T00:00:00",
"dateUpdated": "2024-08-06T14:57:05.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41267
Vulnerability from cvelistv5
Published
2021-11-24 18:55
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC | |
| https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the \"trusted_headers\" allowed list are ignored and protect users from \"Cache poisoning\" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the \"trusted_headers\" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:55:17",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
],
"source": {
"advisory": "GHSA-q3j3-w37x-hq2q",
"discovery": "UNKNOWN"
},
"title": "Webcache Poisoning in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41267",
"STATE": "PUBLIC",
"TITLE": "Webcache Poisoning in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.2.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the \"trusted_headers\" allowed list are ignored and protect users from \"Cache poisoning\" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the \"trusted_headers\" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"name": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
]
},
"source": {
"advisory": "GHSA-q3j3-w37x-hq2q",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41267",
"datePublished": "2021-11-24T18:55:17",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-14774
Vulnerability from cvelistv5
Published
2018-08-03 17:00
Modified
2024-08-05 09:38
Severity ?
EPSS score ?
Summary
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:13.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-03T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a"
},
{
"name": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14774",
"datePublished": "2018-08-03T17:00:00",
"dateReserved": "2018-07-31T00:00:00",
"dateUpdated": "2024-08-05T09:38:13.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41268
Vulnerability from cvelistv5
Published
2021-11-24 18:55
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:55:12",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
],
"source": {
"advisory": "GHSA-qw36-p97w-vcqr",
"discovery": "UNKNOWN"
},
"title": "Cookie persistence in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41268",
"STATE": "PUBLIC",
"TITLE": "Cookie persistence in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384: Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
]
},
"source": {
"advisory": "GHSA-qw36-p97w-vcqr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41268",
"datePublished": "2021-11-24T18:55:12",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18887
Vulnerability from cvelistv5
Published
2019-11-21 22:18
Modified
2024-08-05 02:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/symfony-4-3-8-released | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/releases/tag/v4.3.8 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T02:07:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/symfony-4-3-8-released",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v4.3.8",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"name": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18887",
"datePublished": "2019-11-21T22:18:04",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46733
Vulnerability from cvelistv5
Published
2023-11-10 17:09
Modified
2024-09-03 15:36
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9 | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:20.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
},
{
"name": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"name": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:11:06.472668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:36:38.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.21, \u003c 5.4.31"
},
{
"status": "affected",
"version": "\u003e= 6.2.7, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn\u0027t change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T17:09:13.936Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
},
{
"name": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"name": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
}
],
"source": {
"advisory": "GHSA-m2wj-r6g3-fxfx",
"discovery": "UNKNOWN"
},
"title": "Symfony possible session fixation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46733",
"datePublished": "2023-11-10T17:09:13.936Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:36:38.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11406
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 08:10
Severity ?
EPSS score ?
Summary
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/ | vendor-advisory, x_refsource_FEDORA | |
| https://symfony.com/blog/cve-2018-11406-csrf-token-fixation | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:10:14.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user\u0027s session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-05T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user\u0027s session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2018-96d770ddc9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation"
},
{
"name": "FEDORA-2018-eba0006df2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11406",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2018-05-24T00:00:00",
"dateUpdated": "2024-08-05T08:10:14.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24895
Vulnerability from cvelistv5
Published
2023-02-03 21:45
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"name": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"name": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.50"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.20"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.20"
},
{
"status": "affected",
"version": "\u003e= 6.1.0, \u003c 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.2.0, \u003c 6.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T21:45:26.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"name": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"name": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-3gv2-29qc-v67m",
"discovery": "UNKNOWN"
},
"title": "Symfony vulnerable to Session Fixation of CSRF tokens"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24895",
"datePublished": "2023-02-03T21:45:26.887Z",
"dateReserved": "2022-02-10T16:41:34.956Z",
"dateUpdated": "2024-08-03T04:29:01.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12040
Vulnerability from cvelistv5
Published
2018-06-13 22:00
Modified
2024-08-05 08:24
Severity ?
EPSS score ?
Summary
Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues).
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/542071/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:24:03.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html"
},
{
"name": "20180608 SensioLabs Symfony version 3.3.6 - Cross-Site Scripting (Reflect)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/542071/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the \"file\" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states \"The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don\u0027t handle those issues as security issues)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html"
},
{
"name": "20180608 SensioLabs Symfony version 3.3.6 - Cross-Site Scripting (Reflect)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/542071/100/0/threaded"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the \"file\" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states \"The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don\u0027t handle those issues as security issues).\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html"
},
{
"name": "20180608 SensioLabs Symfony version 3.3.6 - Cross-Site Scripting (Reflect)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/542071/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12040",
"datePublished": "2018-06-13T22:00:00",
"dateReserved": "2018-06-07T00:00:00",
"dateUpdated": "2024-08-05T08:24:03.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15094
Vulnerability from cvelistv5
Published
2020-09-02 17:35
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78 | x_refsource_MISC | |
| https://packagist.org/packages/symfony/symfony | x_refsource_MISC | |
| https://packagist.org/packages/symfony/http-kernel | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:22.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.13"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "{\"CWE-212\":\"Improper Removal of Sensitive Information Before Storage or Transfer\"}",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-25T18:06:43",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
],
"source": {
"advisory": "GHSA-754h-5r27-7x3r",
"discovery": "UNKNOWN"
},
"title": "RCE in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15094",
"STATE": "PUBLIC",
"TITLE": "RCE in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.13"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.1.5"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "{\"CWE-212\":\"Improper Removal of Sensitive Information Before Storage or Transfer\"}"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"name": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"name": "https://packagist.org/packages/symfony/symfony",
"refsource": "MISC",
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"name": "https://packagist.org/packages/symfony/http-kernel",
"refsource": "MISC",
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
]
},
"source": {
"advisory": "GHSA-754h-5r27-7x3r",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15094",
"datePublished": "2020-09-02T17:35:15",
"dateReserved": "2020-06-25T00:00:00",
"dateUpdated": "2024-08-04T13:08:22.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5574
Vulnerability from cvelistv5
Published
2012-12-18 01:00
Modified
2024-08-06 21:14
Severity ?
EPSS score ?
Summary
lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
},
{
"name": "FEDORA-2012-19235",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
},
{
"name": "FEDORA-2012-19076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
},
{
"name": "56685",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56685"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
},
{
"name": "87869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/87869"
},
{
"name": "FEDORA-2012-19195",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
},
{
"name": "51372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51372"
},
{
"name": "symfony-unspecified-information-disclosure(80309)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
},
{
"name": "[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) \u003c 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://trac.symfony-project.org/changeset/33598"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
},
{
"name": "FEDORA-2012-19235",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
},
{
"name": "FEDORA-2012-19076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
},
{
"name": "56685",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56685"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
},
{
"name": "87869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/87869"
},
{
"name": "FEDORA-2012-19195",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
},
{
"name": "51372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51372"
},
{
"name": "symfony-unspecified-information-disclosure(80309)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
},
{
"name": "[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) \u003c 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://trac.symfony-project.org/changeset/33598"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=880240",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
},
{
"name": "FEDORA-2012-19235",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
},
{
"name": "FEDORA-2012-19076",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
},
{
"name": "http://symfony.com/blog/security-release-symfony-1-4-20-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
},
{
"name": "56685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56685"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=444696",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
},
{
"name": "87869",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/87869"
},
{
"name": "FEDORA-2012-19195",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
},
{
"name": "51372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51372"
},
{
"name": "symfony-unspecified-information-disclosure(80309)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
},
{
"name": "[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) \u003c 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
},
{
"name": "http://trac.symfony-project.org/changeset/33598",
"refsource": "CONFIRM",
"url": "http://trac.symfony-project.org/changeset/33598"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5574",
"datePublished": "2012-12-18T01:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:14:16.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18888
Vulnerability from cvelistv5
Published
2019-11-21 22:19
Modified
2024-08-05 02:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x).
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/symfony-4-3-8-released | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/releases/tag/v4.3.8 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T02:07:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/symfony-4-3-8-released",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v4.3.8",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"name": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser"
},
{
"name": "FEDORA-2019-9c2ad3b018",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"name": "FEDORA-2019-5ae4fd9203",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"name": "FEDORA-2019-8b0ba02338",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18888",
"datePublished": "2019-11-21T22:19:52",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10910
Vulnerability from cvelistv5
Published
2019-05-16 21:31
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_19_19 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-09T13:06:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid"
},
{
"name": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10910",
"datePublished": "2019-05-16T21:31:41",
"dateReserved": "2019-04-07T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46735
Vulnerability from cvelistv5
Published
2023-11-10 17:58
Modified
2024-09-03 15:24
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
},
{
"name": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:14:14.893233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:24:36.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.3.0, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn\u0027t return any user-submitted input in its response."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T17:58:18.136Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
},
{
"name": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
}
],
"source": {
"advisory": "GHSA-72x2-5c85-6wmr",
"discovery": "UNKNOWN"
},
"title": "Symfony potential Cross-site Scripting in WebhookController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46735",
"datePublished": "2023-11-10T17:58:18.136Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:24:36.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11386
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 08:10
Severity ?
EPSS score ?
Summary
An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/ | vendor-advisory, x_refsource_FEDORA | |
| https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler | x_refsource_CONFIRM | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:10:13.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-05T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2018-96d770ddc9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11386",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2018-05-22T00:00:00",
"dateUpdated": "2024-08-05T08:10:13.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4050
Vulnerability from cvelistv5
Published
2015-06-02 14:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.debian.org/security/2015/dsa-3276 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/74928 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:03.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access"
},
{
"name": "FEDORA-2015-9039",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html"
},
{
"name": "DSA-3276",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3276"
},
{
"name": "FEDORA-2015-9034",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html"
},
{
"name": "FEDORA-2015-9025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html"
},
{
"name": "74928",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74928"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access"
},
{
"name": "FEDORA-2015-9039",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html"
},
{
"name": "DSA-3276",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3276"
},
{
"name": "FEDORA-2015-9034",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html"
},
{
"name": "FEDORA-2015-9025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html"
},
{
"name": "74928",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74928"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access"
},
{
"name": "FEDORA-2015-9039",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html"
},
{
"name": "DSA-3276",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3276"
},
{
"name": "FEDORA-2015-9034",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html"
},
{
"name": "FEDORA-2015-9025",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html"
},
{
"name": "74928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74928"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4050",
"datePublished": "2015-06-02T14:00:00",
"dateReserved": "2015-05-21T00:00:00",
"dateUpdated": "2024-08-06T06:04:03.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1902
Vulnerability from cvelistv5
Published
2016-06-01 22:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/pull/17359 | x_refsource_CONFIRM | |
| https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/ | x_refsource_MISC | |
| http://www.debian.org/security/2016/dsa-3588 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:39.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/17359"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/"
},
{
"name": "DSA-3588",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-01T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/pull/17359"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/"
},
{
"name": "DSA-3588",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails"
},
{
"name": "https://github.com/symfony/symfony/pull/17359",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/pull/17359"
},
{
"name": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/",
"refsource": "MISC",
"url": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/"
},
{
"name": "DSA-3588",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1902",
"datePublished": "2016-06-01T22:00:00",
"dateReserved": "2016-01-14T00:00:00",
"dateUpdated": "2024-08-05T23:10:39.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5958
Vulnerability from cvelistv5
Published
2014-12-27 18:00
Modified
2024-08-06 17:29
Severity ?
EPSS score ?
Summary
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-27T18:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5958",
"datePublished": "2014-12-27T18:00:00",
"dateReserved": "2013-09-27T00:00:00",
"dateUpdated": "2024-08-06T17:29:42.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2308
Vulnerability from cvelistv5
Published
2015-06-24 10:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2015-2308-esi-code-injection | x_refsource_CONFIRM | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089 | third-party-advisory, x_refsource_JVNDB | |
| http://jvn.jp/en/jp/JVN19578958/index.html | third-party-advisory, x_refsource_JVN | |
| http://www.securityfocus.com/bid/75357 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:16.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2015-2308-esi-code-injection"
},
{
"name": "JVNDB-2015-000089",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089"
},
{
"name": "JVN#19578958",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN19578958/index.html"
},
{
"name": "75357",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75357"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language=\"php\" attribute of a SCRIPT element."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2015-2308-esi-code-injection"
},
{
"name": "JVNDB-2015-000089",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089"
},
{
"name": "JVN#19578958",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN19578958/index.html"
},
{
"name": "75357",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75357"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language=\"php\" attribute of a SCRIPT element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2015-2308-esi-code-injection",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2015-2308-esi-code-injection"
},
{
"name": "JVNDB-2015-000089",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089"
},
{
"name": "JVN#19578958",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN19578958/index.html"
},
{
"name": "75357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75357"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2308",
"datePublished": "2015-06-24T10:00:00",
"dateReserved": "2015-03-16T00:00:00",
"dateUpdated": "2024-08-06T05:10:16.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2403
Vulnerability from cvelistv5
Published
2017-02-07 17:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password | x_refsource_CONFIRM | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/bid/96137 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"name": "96137",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-05T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"name": "96137",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"name": "96137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2403",
"datePublished": "2017-02-07T17:00:00",
"dateReserved": "2016-02-18T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8124
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/archive/1/537183/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.debian.org/security/2015/dsa-3402 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/bid/77694 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2015/Dec/89 | mailing-list, x_refsource_FULLDISC | |
| https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537183/100/0/threaded"
},
{
"name": "FEDORA-2015-0b89738311",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"name": "77694",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77694"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/89"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in the \"Remember Me\" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537183/100/0/threaded"
},
{
"name": "FEDORA-2015-0b89738311",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"name": "77694",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77694"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/89"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in the \"Remember Me\" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537183/100/0/threaded"
},
{
"name": "FEDORA-2015-0b89738311",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"name": "77694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77694"
},
{
"name": "20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In \"Remember Me\" Login Functionality",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/89"
},
{
"name": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8124",
"datePublished": "2015-12-07T20:00:00",
"dateReserved": "2015-11-12T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11407
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 08:10
Severity ?
EPSS score ?
Summary
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:10:13.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a \"null\" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-13T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a \"null\" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11407",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2018-05-24T00:00:00",
"dateUpdated": "2024-08-05T08:10:13.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-14773
Vulnerability from cvelistv5
Published
2018-08-03 17:00
Modified
2024-08-05 09:38
Severity ?
EPSS score ?
Summary
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104943 | vdb-entry, x_refsource_BID | |
| https://www.drupal.org/SA-CORE-2018-005 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST | |
| https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041405 | vdb-entry, x_refsource_SECTRACK | |
| https://www.debian.org/security/2019/dsa-4441 | vendor-advisory, x_refsource_DEBIAN | |
| https://seclists.org/bugtraq/2019/May/21 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:13.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.drupal.org/SA-CORE-2018-005"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b"
},
{
"name": "1041405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041405"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it\u0027s not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \\Symfony\\Component\\HttpFoundation\\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-10T15:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "104943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.drupal.org/SA-CORE-2018-005"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b"
},
{
"name": "1041405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041405"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it\u0027s not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \\Symfony\\Component\\HttpFoundation\\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104943"
},
{
"name": "https://www.drupal.org/SA-CORE-2018-005",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2018-005"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers"
},
{
"name": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b"
},
{
"name": "1041405",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041405"
},
{
"name": "DSA-4441",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/21"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14773",
"datePublished": "2018-08-03T17:00:00",
"dateReserved": "2018-07-31T00:00:00",
"dateUpdated": "2024-08-05T09:38:13.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-11408
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 08:10
Severity ?
EPSS score ?
Summary
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:10:13.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-10T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "FEDORA-2018-96d770ddc9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11408",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "FEDORA-2018-96d770ddc9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"name": "FEDORA-2018-ba0b683c10",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"name": "FEDORA-2018-eba0006df2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11408",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2018-05-24T00:00:00",
"dateUpdated": "2024-08-05T08:10:13.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-16790
Vulnerability from cvelistv5
Published
2018-08-06 21:00
Modified
2024-08-05 20:35
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a "FileType" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, "file:///etc/passwd"). If the application did not perform any additional checks about the value submitted to the "FileType", the contents of the given file on the server could have been exposed to the attacker.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files | x_refsource_CONFIRM | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:35:21.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a \"FileType\" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, \"file:///etc/passwd\"). If the application did not perform any additional checks about the value submitted to the \"FileType\", the contents of the given file on the server could have been exposed to the attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-06T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a \"FileType\" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, \"file:///etc/passwd\"). If the application did not perform any additional checks about the value submitted to the \"FileType\", the contents of the given file on the server could have been exposed to the attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16790",
"datePublished": "2018-08-06T21:00:00",
"dateReserved": "2017-11-10T00:00:00",
"dateUpdated": "2024-08-05T20:35:21.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-32693
Vulnerability from cvelistv5
Published
2021-06-17 22:40
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:31.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-17T22:40:11",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
],
"source": {
"advisory": "GHSA-rfcf-m67m-jcrq",
"discovery": "UNKNOWN"
},
"title": "Authentication granted with multiple firewalls",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32693",
"STATE": "PUBLIC",
"TITLE": "Authentication granted with multiple firewalls"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.2"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"name": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129",
"refsource": "MISC",
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"name": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"name": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one",
"refsource": "MISC",
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
]
},
"source": {
"advisory": "GHSA-rfcf-m67m-jcrq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32693",
"datePublished": "2021-06-17T22:40:11",
"dateReserved": "2021-05-12T00:00:00",
"dateUpdated": "2024-08-03T23:25:31.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10913
Vulnerability from cvelistv5
Published
2019-05-16 21:15
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T21:15:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides"
},
{
"name": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10913",
"datePublished": "2019-05-16T21:15:04",
"dateReserved": "2019-04-07T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5255
Vulnerability from cvelistv5
Published
2020-03-30 19:30
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6 | x_refsource_MISC | |
| https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0 and \u003c 4.4.7"
},
{
"status": "affected",
"version": "\u003e= 5.0.0 and \u003c 5.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response\u0026#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-435",
"description": "CWE-435 Improper Interaction Between Multiple Correctly-Behaving Entities",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:06:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"source": {
"advisory": "GHSA-mcx4-f5f5-4859",
"discovery": "UNKNOWN"
},
"title": "Prevent cache poisoning via a Response Content-Type header",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5255",
"STATE": "PUBLIC",
"TITLE": "Prevent cache poisoning via a Response Content-Type header"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0 and \u003c 4.4.7"
},
{
"version_value": "\u003e= 5.0.0 and \u003c 5.0.7"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response\u0026#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-435 Improper Interaction Between Multiple Correctly-Behaving Entities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"name": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"name": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header",
"refsource": "MISC",
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
]
},
"source": {
"advisory": "GHSA-mcx4-f5f5-4859",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5255",
"datePublished": "2020-03-30T19:30:15",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4751
Vulnerability from cvelistv5
Published
2019-11-01 12:33
Modified
2024-08-06 16:52
Severity ?
EPSS score ?
Summary
php-symfony2-Validator has loss of information during serialization
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751 | x_refsource_MISC | |
| http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html | x_refsource_MISC | |
| http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html | x_refsource_MISC | |
| http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released | x_refsource_MISC | |
| http://www.securityfocus.com/bid/61709 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/86364 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "php-symfony2-Validator has loss of information during serialization"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-01T12:33:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/61709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "php-symfony2-Validator has loss of information during serialization"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html"
},
{
"name": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released",
"refsource": "MISC",
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"name": "http://www.securityfocus.com/bid/61709",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/61709"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4751",
"datePublished": "2019-11-01T12:33:58",
"dateReserved": "2013-07-02T00:00:00",
"dateUpdated": "2024-08-06T16:52:26.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4423
Vulnerability from cvelistv5
Published
2016-06-01 22:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/pull/18733 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3588 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/18733"
},
{
"name": "DSA-3588",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-01T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/pull/18733"
},
{
"name": "DSA-3588",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session"
},
{
"name": "https://github.com/symfony/symfony/pull/18733",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/pull/18733"
},
{
"name": "DSA-3588",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4423",
"datePublished": "2016-06-01T22:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:24.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-11365
Vulnerability from cvelistv5
Published
2019-05-23 17:20
Modified
2024-08-05 18:05
Severity ?
EPSS score ?
Summary
Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/23507 | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/23507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T17:20:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/23507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/23507",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/23507"
},
{
"name": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11365",
"datePublished": "2019-05-23T17:20:57",
"dateReserved": "2017-07-17T00:00:00",
"dateUpdated": "2024-08-05T18:05:30.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5274
Vulnerability from cvelistv5
Published
2020-03-30 19:40
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.4.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T19:40:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
],
"source": {
"advisory": "GHSA-m884-279h-32v2",
"discovery": "UNKNOWN"
},
"title": "Exceptions displayed in non-debug configurations in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5274",
"STATE": "PUBLIC",
"TITLE": "Exceptions displayed in non-debug configurations in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0.0, \u003c 4.4.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.5"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209: Generation of Error Message Containing Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"name": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"name": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
]
},
"source": {
"advisory": "GHSA-m884-279h-32v2",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5274",
"datePublished": "2020-03-30T19:40:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6431
Vulnerability from cvelistv5
Published
2012-12-27 11:00
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string.
References
| ▼ | URL | Tags |
|---|---|---|
| http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-27T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6431",
"datePublished": "2012-12-27T11:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-17T00:46:20.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5275
Vulnerability from cvelistv5
Published
2020-03-30 19:45
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.7"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule\u0027s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:06:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"source": {
"advisory": "GHSA-g4m9-5hpf-hx72",
"discovery": "UNKNOWN"
},
"title": "Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5275",
"STATE": "PUBLIC",
"TITLE": "Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.7"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.7"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule\u0027s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"name": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
]
},
"source": {
"advisory": "GHSA-g4m9-5hpf-hx72",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5275",
"datePublished": "2020-03-30T19:45:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8125
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.debian.org/security/2015/dsa-3402 | vendor-advisory, x_refsource_DEBIAN | |
| https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/77692 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "FEDORA-2015-0b89738311",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
},
{
"name": "77692",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77692"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "FEDORA-2015-0b89738311",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
},
{
"name": "77692",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77692"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-0efcb5fbc5",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"name": "FEDORA-2015-0b89738311",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"name": "DSA-3402",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"name": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
},
{
"name": "77692",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77692"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8125",
"datePublished": "2015-12-07T20:00:00",
"dateReserved": "2015-11-12T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4752
Vulnerability from cvelistv5
Published
2020-01-02 16:07
Modified
2024-08-06 16:52
Severity ?
EPSS score ?
Summary
Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61715"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-02T16:07:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/61715"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html"
},
{
"name": "http://www.securityfocus.com/bid/61715",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/61715"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4752",
"datePublished": "2020-01-02T16:07:55",
"dateReserved": "2013-07-02T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24894
Vulnerability from cvelistv5
Published
2023-02-03 21:46
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"name": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.50"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.20"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.20"
},
{
"status": "affected",
"version": "\u003e= 6.1.0, \u003c 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.2.0, \u003c 6.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim\u0027s session. This issue has been patched and is available for branch 4.4.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T21:46:23.702Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"name": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-h7vf-5wrv-9fhv",
"discovery": "UNKNOWN"
},
"title": "Symfony storing cookie headers in HttpCache"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24894",
"datePublished": "2023-02-03T21:46:23.702Z",
"dateReserved": "2022-02-10T16:41:34.956Z",
"dateUpdated": "2024-08-03T04:29:01.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18889
Vulnerability from cvelistv5
Published
2019-11-21 22:21
Modified
2024-08-05 02:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/symfony-4-3-8-released | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/releases/tag/v4.3.8 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T02:07:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances"
},
{
"name": "FEDORA-2019-8b0ba02338",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/symfony-4-3-8-released",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v4.3.8",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"name": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances"
},
{
"name": "FEDORA-2019-8b0ba02338",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18889",
"datePublished": "2019-11-21T22:21:42",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18886
Vulnerability from cvelistv5
Published
2019-11-21 17:41
Modified
2024-08-05 02:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/releases/tag/v4.3.8 | x_refsource_MISC | |
| https://symfony.com/blog/symfony-4-3-8-released | x_refsource_MISC | |
| https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T17:41:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/releases/tag/v4.3.8",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"name": "https://symfony.com/blog/symfony-4-3-8-released",
"refsource": "MISC",
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"name": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18886",
"datePublished": "2019-11-21T17:41:54",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10909
Vulnerability from cvelistv5
Published
2019-05-16 21:36
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_19_19 | x_refsource_CONFIRM | |
| https://www.drupal.org/sa-core-2019-005 | x_refsource_MISC | |
| https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-09T13:06:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "https://www.drupal.org/sa-core-2019-005",
"refsource": "MISC",
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"name": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine"
},
{
"name": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10909",
"datePublished": "2019-05-16T21:36:10",
"dateReserved": "2019-04-07T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46734
Vulnerability from cvelistv5
Published
2023-11-10 17:49
Modified
2024-09-03 15:36
Severity ?
EPSS score ?
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:11:26.071140Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:36:18.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.51"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.31"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T21:37:51.250Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
}
],
"source": {
"advisory": "GHSA-q847-2q57-wmr3",
"discovery": "UNKNOWN"
},
"title": "Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46734",
"datePublished": "2023-11-10T17:49:55.188Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:36:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11325
Vulnerability from cvelistv5
Published
2019-11-21 22:15
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3 | x_refsource_MISC | |
| https://symfony.com/blog/symfony-4-3-8-released | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/releases/tag/v4.3.8 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T22:15:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3",
"refsource": "MISC",
"url": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3"
},
{
"name": "https://symfony.com/blog/symfony-4-3-8-released",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v4.3.8",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"name": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11325",
"datePublished": "2019-11-21T22:15:55",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-08-04T22:48:09.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-16654
Vulnerability from cvelistv5
Published
2018-08-06 21:00
Modified
2024-08-05 20:27
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/24994 | x_refsource_CONFIRM | |
| https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2018/dsa-4262 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:04.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/24994"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-10T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/pull/24994"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/24994",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/pull/24994"
},
{
"name": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "DSA-4262",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16654",
"datePublished": "2018-08-06T21:00:00",
"dateReserved": "2017-11-07T00:00:00",
"dateUpdated": "2024-08-05T20:27:04.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2667
Vulnerability from cvelistv5
Published
2012-06-07 19:00
Modified
2024-08-06 19:42
Severity ?
EPSS score ?
Summary
Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/06/04/1 | mailing-list, x_refsource_MLIST | |
| http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/53776 | vdb-entry, x_refsource_BID | |
| http://symfony.com/blog/security-release-symfony-1-4-18-released | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2012/06/05/2 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/49312 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/76027 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:32.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120604 CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/06/04/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG"
},
{
"name": "53776",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53776"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-18-released"
},
{
"name": "[oss-security] 20120605 Re: CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/06/05/2"
},
{
"name": "49312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49312"
},
{
"name": "symfony-session-hijacking(76027)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified \"database backed session classes.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120604 CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/06/04/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG"
},
{
"name": "53776",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53776"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-18-released"
},
{
"name": "[oss-security] 20120605 Re: CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/06/05/2"
},
{
"name": "49312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49312"
},
{
"name": "symfony-session-hijacking(76027)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified \"database backed session classes.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120604 CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/04/1"
},
{
"name": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG"
},
{
"name": "53776",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53776"
},
{
"name": "http://symfony.com/blog/security-release-symfony-1-4-18-released",
"refsource": "CONFIRM",
"url": "http://symfony.com/blog/security-release-symfony-1-4-18-released"
},
{
"name": "[oss-security] 20120605 Re: CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/05/2"
},
{
"name": "49312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49312"
},
{
"name": "symfony-session-hijacking(76027)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2667",
"datePublished": "2012-06-07T19:00:00",
"dateReserved": "2012-05-14T00:00:00",
"dateUpdated": "2024-08-06T19:42:32.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-19789
Vulnerability from cvelistv5
Published
2018-12-18 22:00
Modified
2024-08-05 11:44
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/ | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/106249 | vdb-entry, x_refsource_BID | |
| https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.debian.org/security/2019/dsa-4441 | vendor-advisory, x_refsource_DEBIAN | |
| https://seclists.org/bugtraq/2019/May/21 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:44:20.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2018-8c06b6defd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that\u0027s the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-10T15:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2018-8c06b6defd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"name": "DSA-4441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that\u0027s the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2018-8c06b6defd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"name": "FEDORA-2018-66547a8c14",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"name": "106249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106249"
},
{
"name": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"name": "FEDORA-2018-6edf04d9d6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"name": "DSA-4441",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"name": "20190510 [SECURITY] [DSA 4441-1] symfony security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/21"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19789",
"datePublished": "2018-12-18T22:00:00",
"dateReserved": "2018-12-02T00:00:00",
"dateUpdated": "2024-08-05T11:44:20.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-16652
Vulnerability from cvelistv5
Published
2018-06-13 16:00
Modified
2024-08-05 20:27
Severity ?
EPSS score ?
Summary
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:04.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-10T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers",
"refsource": "CONFIRM",
"url": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers"
},
{
"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16652",
"datePublished": "2018-06-13T16:00:00",
"dateReserved": "2017-11-07T00:00:00",
"dateUpdated": "2024-08-05T20:27:04.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41270
Vulnerability from cvelistv5
Published
2021-11-24 19:05
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC | |
| https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.4.35"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `\u0027` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `\u0027` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-03T02:06:25",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
],
"source": {
"advisory": "GHSA-2xhg-w2g5-w95x",
"discovery": "UNKNOWN"
},
"title": "CSV Injection in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41270",
"STATE": "PUBLIC",
"TITLE": "CSV Injection in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.1.0, \u003c 4.4.35"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `\u0027` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `\u0027` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"name": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
]
},
"source": {
"advisory": "GHSA-2xhg-w2g5-w95x",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41270",
"datePublished": "2021-11-24T19:05:11",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-12-18 22:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C920A156-6069-4228-8566-7E6702FEC963",
"versionEndExcluding": "2.7.50",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F566E2-4BE2-4EFD-9800-D29DE8E53886",
"versionEndExcluding": "2.8.49",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "934D9B80-E632-4996-9BF0-8D34C4CFD23F",
"versionEndExcluding": "3.4.20",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "377BBA51-611E-4146-898A-A103B511EA83",
"versionEndExcluding": "4.0.15",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F29F714-E604-43BF-9707-1AFD5E4D2F05",
"versionEndExcluding": "4.1.9",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F91E7F-D094-4C23-AF65-F8CA9F146006",
"versionEndExcluding": "4.2.1",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that\u0027s the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Symfony en versiones 2.7.x anteriores a la 2.7.50, versiones 2.8.x anteriores a la 2.8.49, versiones 3.x anteriores a la 3.4.20, versiones 4.0.x anteriores a la 4.0.15, versiones 4.1.x anteriores a la 4.1.9 y versiones 4.2.x anteriores a la 4.2.1. Al emplear la lista de ripo escalar \"string\" en un m\u00e9todo setter (por ejemplo, \"setName(string $name)\") de una clase que es el \"data_class\" de un formulario, y cuando se env\u00eda una subida de archivos al campo correspondiente en lugar de una entrada de texto normal, se llama a \"UploadedFile::__toString()\", lo que devolver\u00e1 y revelar\u00e1 la ruta del archivo subido. En determinadas circunstancias, si se combina con un problema de inclusi\u00f3n de archivos locales, podr\u00eda escalarse a una ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2018-19789",
"lastModified": "2024-11-21T03:58:33.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-18T22:29:04.947",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2019/dsa-4441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-06 21:29
Modified
2024-11-21 03:16
Severity ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/pull/24994 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | Third Party Advisory | |
| cve@mitre.org | https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/pull/24994 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B84DB7E-B758-4D6A-B10B-AE602F172EC0",
"versionEndIncluding": "2.7.37",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E4D371-1EC1-49A7-BED2-F9C36E8C5BB4",
"versionEndIncluding": "3.2.13",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49BB635A-5911-4DB0-A75C-D73EBC772283",
"versionEndIncluding": "3.3.12",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B081CEE-9990-48CE-9ED2-06CBB6F977EA",
"versionEndIncluding": "3.8.30",
"versionStartIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Symfony en versiones anteriores a la 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5 y 4.0-BETA5. El componente Intl incluye varios lectores bundle que se emplean para leer bundles de recursos desde el sistema de archivos local. Los m\u00e9todos read() de estas clases emplean una ruta y una locale para determinar qu\u00e9 bundle de idioma deben recuperar. El valor del argumento locale suele recuperarse desde entradas de usuario no fiables (como un par\u00e1metro URL). Un atacante puede emplear este argumento para navegar a directorios arbitrarios mediante el ataque dot-dot-slash (punto-punto-barra), tambi\u00e9n conocido como salto de directorio."
}
],
"id": "CVE-2017-16654",
"lastModified": "2024-11-21T03:16:46.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-06T21:29:00.330",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/24994"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/24994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 22:29
Modified
2024-11-21 04:20
Severity ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| drupal | drupal | * | |
| drupal | drupal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86884C0-A185-4CCF-AB21-1D1529AEDAED",
"versionEndExcluding": "2.7.51",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4716654-1055-44B3-8E51-5BC0E739E0CB",
"versionEndExcluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF53486E-FAAC-40B3-82CE-4EDCD2C96690",
"versionEndExcluding": "3.4.26",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25A92454-6E0B-4BDE-8967-BB3E32125102",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53E58B92-6D5D-4949-B75F-687F52961FDA",
"versionEndExcluding": "4.2.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9106BF81-B898-4EB0-B63C-9919D3B22260",
"versionEndExcluding": "8.5.15",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B37281E-9B44-42A5-AE0A-17CE6770995C",
"versionEndExcluding": "8.6.15",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection."
},
{
"lang": "es",
"value": "En Symfony antes de 2.7.51, 2.8.x antes de 2.8.50, 3.x antes de 3.4.26, 4.x antes de 4.1.12 y 4.2.x antes de 4.2.7, cuando los identificadores de servicio permiten la entrada del usuario, esto podr\u00eda permitir una inyecci\u00f3n SQL y ejecuci\u00f3n remota de c\u00f3digo. Esto est\u00e1 relacionado con Symfony / dependency-inyection."
}
],
"id": "CVE-2019-10910",
"lastModified": "2024-11-21T04:20:07.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T22:29:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-27 11:47
Modified
2024-11-21 01:46
Severity ?
Summary
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.0.0 | |
| sensiolabs | symfony | 2.0.1 | |
| sensiolabs | symfony | 2.0.2 | |
| sensiolabs | symfony | 2.0.3 | |
| sensiolabs | symfony | 2.0.4 | |
| sensiolabs | symfony | 2.0.5 | |
| sensiolabs | symfony | 2.0.6 | |
| sensiolabs | symfony | 2.0.7 | |
| sensiolabs | symfony | 2.0.8 | |
| sensiolabs | symfony | 2.0.9 | |
| sensiolabs | symfony | 2.0.10 | |
| sensiolabs | symfony | 2.0.11 | |
| sensiolabs | symfony | 2.0.12 | |
| sensiolabs | symfony | 2.0.13 | |
| sensiolabs | symfony | 2.0.14 | |
| sensiolabs | symfony | 2.0.15 | |
| sensiolabs | symfony | 2.0.16 | |
| sensiolabs | symfony | 2.0.17 | |
| sensiolabs | symfony | 2.0.18 | |
| sensiolabs | symfony | 2.0.19 | |
| sensiolabs | symfony | 2.0.20 | |
| sensiolabs | symfony | 2.1.0 | |
| sensiolabs | symfony | 2.1.1 | |
| sensiolabs | symfony | 2.1.2 | |
| sensiolabs | symfony | 2.1.3 | |
| sensiolabs | symfony | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "768F171C-3625-4696-ACEC-A10FA70F6BF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD9AD6-5303-41C3-848B-504BFC03307D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1175DE26-53D0-4411-8416-C60602A097D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88E95571-E3F3-4D8F-A03C-C95317D7C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEC939-1319-475E-AE3B-5BFB3D05A38A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2:dev:*:*:*:*:*:*",
"matchCriteriaId": "892F1A5D-4770-4B23-9FF0-934D7592A3AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI beginning with a /_internal substring."
},
{
"lang": "es",
"value": "Symfony v2.0.x antes de v2.0.20, v2.1.x antes de v2.1.5 y v2.2-dev, cuando la configuraci\u00f3n de rutas internas est\u00e1 activada, permite a atacantes remotos acceder a los servicios elecci\u00f3n a trav\u00e9s de vectores relacionados con una subcadena /_internal.\r\n"
}
],
"id": "CVE-2012-6432",
"lastModified": "2024-11-21T01:46:06.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-27T11:47:01.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 18:15
Modified
2024-11-21 04:33
Severity ?
Summary
An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1317DFC-16C6-48A6-B792-3A190E552E79",
"versionEndIncluding": "4.2.11",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE8AADD-6D19-481A-86D2-9E305ED6F197",
"versionEndIncluding": "4.3.7",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Symfony versiones 4.2.0 hasta 4.2.11 y 4.3.0 hasta 4.3.7. La capacidad para enumerar usuarios fue posible debido a un manejo diferente dependiendo de si el usuario exist\u00eda cuando se realizaron intentos no autorizados de utilizar la funcionalidad switch users. Esto est\u00e1 relacionado con Symfony/Security."
}
],
"id": "CVE-2019-18886",
"lastModified": "2024-11-21T04:33:46.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T18:15:11.820",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-30 20:15
Modified
2024-11-21 05:33
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95F04BAB-4B76-4142-B000-67FA0A9F73F4",
"versionEndExcluding": "4.4.7",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A656BCAC-1974-4E5D-B7E3-4162A6153A4B",
"versionEndExcluding": "5.0.7",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule\u0027s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7."
},
{
"lang": "es",
"value": "En symfony/security-http versiones anteriores a 4.4.7 y 5.0.7, cuando un \"Firewall\" comprueba la regla de control de acceso, itera sobre los atributos de cada regla y se detiene tan pronto como accessDecisionManager decide otorgar acceso sobre el atributo, impidiendo la comprobaci\u00f3n de los siguientes atributos que deber\u00edan haberse tenido en cuenta en una estrategia un\u00e1nime. AccessDecisionManager es ahora llamado con todos los atributos a la vez, permitiendo que la estrategia un\u00e1nime sea aplicada en cada atributo. Este problema est\u00e1 parcheado en las versiones 4.4.7 y 5.0.7."
}
],
"id": "CVE-2020-5275",
"lastModified": "2024-11-21T05:33:48.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-30T20:15:19.837",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-03 22:15
Modified
2024-11-21 06:51
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD26F566-480D-42C8-93BA-011DC77BA73A",
"versionEndExcluding": "4.4.50",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F81B0E24-C7F6-4FC7-9414-A31A55C4A053",
"versionEndExcluding": "5.4.20",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6A6C-A7A4-4571-9677-24C9E7AAFD3C",
"versionEndExcluding": "6.0.20",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31265260-5BE3-41B1-A268-ECAE10B18978",
"versionEndExcluding": "6.1.12",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7A2A1-3893-4574-8A59-24BBDDE8DC41",
"versionEndExcluding": "6.2.6",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. \n\n"
}
],
"id": "CVE-2022-24895",
"lastModified": "2024-11-21T06:51:20.600",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-03T22:15:11.273",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:43
Severity ?
Summary
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04FB061B-FE93-415F-AAFA-53C13FC423FB",
"versionEndExcluding": "2.8.37",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5417E6-35FB-4B1B-81DB-A969647DE21B",
"versionEndExcluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2521E32B-A190-4FA8-8C06-50E1D6AF460A",
"versionEndExcluding": "3.4.7",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1114E91-D809-40C5-8908-42D360C0176B",
"versionEndExcluding": "4.0.7",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a \"null\" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en el componente Ldap en Symfony en versiones 2.8.x anteriores a la 2.8.37, versiones 3.3.x anteriores a la 3.3.17, versiones 3.4.x anteriores a la 3.4.7, y versiones 4.0.x anteriores a la 4.0.7. Permite que atacantes remotos omitan la autenticaci\u00f3n mediante el inicio de sesi\u00f3n con una contrase\u00f1a \"null\" y un nombre de usuario v\u00e1lido, lo que desencadena un enlace no autenticado. NOTA: este problema existe debido a una soluci\u00f3n incompleta para CVE-2016-2403."
}
],
"id": "CVE-2018-11407",
"lastModified": "2024-11-21T03:43:18.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:01.047",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-03 22:15
Modified
2024-11-21 06:51
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD26F566-480D-42C8-93BA-011DC77BA73A",
"versionEndExcluding": "4.4.50",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A758FF4D-2E7D-4F45-A672-08994AFCC236",
"versionEndExcluding": "5.4.2",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DB6A6C-A7A4-4571-9677-24C9E7AAFD3C",
"versionEndExcluding": "6.0.20",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31265260-5BE3-41B1-A268-ECAE10B18978",
"versionEndExcluding": "6.1.12",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7A2A1-3893-4574-8A59-24BBDDE8DC41",
"versionEndExcluding": "6.2.6",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim\u0027s session. This issue has been patched and is available for branch 4.4.\n"
}
],
"id": "CVE-2022-24894",
"lastModified": "2024-11-21T06:51:20.480",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-03T22:15:10.823",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-10 18:15
Modified
2024-11-21 08:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "534C2D1B-53F9-4E99-9ED7-F31EC02435F1",
"versionEndExcluding": "5.4.31",
"versionStartIncluding": "5.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE64BA2A-1A7B-478E-958F-D952826345D6",
"versionEndExcluding": "6.3.8",
"versionStartIncluding": "6.2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn\u0027t change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de las versiones 5.4.21 y 6.2.7 y anteriores a las versiones 5.4.31 y 6.3.8, `SessionStrategyListener` no migra la sesi\u00f3n despu\u00e9s de cada inicio de sesi\u00f3n exitoso. Lo hace s\u00f3lo en caso de que el usuario que ha iniciado sesi\u00f3n cambie mediante la verificaci\u00f3n del identificador de usuario. En algunos casos de uso, el identificador de usuario no cambia entre la fase de verificaci\u00f3n y el inicio de sesi\u00f3n exitoso, mientras que el token en s\u00ed cambia de un tipo (parcialmente autenticado) a otro (totalmente autenticado). Cuando esto sucede, se debe regenerar la identificaci\u00f3n de la sesi\u00f3n para evitar posibles arreglos de sesi\u00f3n, lo cual no es el caso en este momento. A partir de las versiones 5.4.31 y 6.3.8, Symfony ahora verifica el tipo de token adem\u00e1s del identificador de usuario antes de decidir si se debe regenerar la identificaci\u00f3n de la sesi\u00f3n."
}
],
"id": "CVE-2023-46733",
"lastModified": "2024-11-21T08:29:11.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-10T18:15:09.050",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 23:15
Modified
2024-11-21 04:33
Severity ?
Summary
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E4E0D1-FE7D-48CC-A198-D0CD4E25AF84",
"versionEndIncluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81CFEF16-57A9-4123-8254-0D8941420C56",
"versionEndIncluding": "3.4.34",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1317DFC-16C6-48A6-B792-3A190E552E79",
"versionEndIncluding": "4.2.11",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE8AADD-6D19-481A-86D2-9E305ED6F197",
"versionEndIncluding": "4.3.7",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Symfony versiones 2.8.0 hasta 2.8.50, 3.4.0 hasta 3.4.34, 4.2.0 hasta 4.2.11 y 4.3.0 hasta 4.3.7. El UriSigner estaba sujeto a ataques de sincronizaci\u00f3n. Esto est\u00e1 relacionado con el archivo symfony/http-kernel."
}
],
"id": "CVE-2019-18887",
"lastModified": "2024-11-21T04:33:46.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T23:15:13.403",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-17 23:15
Modified
2024-11-21 06:07
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62EC75F1-EC6A-45F1-99A0-BA5CD24E246F",
"versionEndExcluding": "5.3.2",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un ajuste de componentes PHP reutilizables. Una vulnerabilidad relacionada con la autenticaci\u00f3n del firewall se presenta en Symfony a partir de versi\u00f3n 5.3.0 y anteriores a 5.3.2. Cuando una aplicaci\u00f3n define m\u00faltiples firewalls, el token autenticado por uno de los firewalls estaba disponible para todos los otros firewalls. Esto podr\u00eda ser abusado cuando la aplicaci\u00f3n define diferentes proveedores para cada parte de la aplicaci\u00f3n, en tal situaci\u00f3n, un usuario autenticado en una parte de la aplicaci\u00f3n podr\u00eda ser considerado autenticado en el resto de la aplicaci\u00f3n. A partir de versi\u00f3n 5.3.2, un parche asegura que el token autenticado s\u00f3lo est\u00e1 disponible para el firewall que lo genera"
}
],
"id": "CVE-2021-32693",
"lastModified": "2024-11-21T06:07:32.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-17T23:15:07.597",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 23:15
Modified
2024-11-21 04:20
Severity ?
Summary
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/releases/tag/v4.3.8 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter | Vendor Advisory | |
| cve@mitre.org | https://symfony.com/blog/symfony-4-3-8-released | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/releases/tag/v4.3.8 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/symfony-4-3-8-released | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F412903-1875-4AC8-8F82-CFB28AADC6EE",
"versionEndExcluding": "4.2.12",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC6840E-59F4-4C6F-B1E0-C1935C15363E",
"versionEndExcluding": "4.3.8",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Symfony versiones anteriores a 4.2.12 y versiones 4.3.x anteriores a 4.3.8. El componente VarExport escapa incorrectamente las cadenas, lo que permite a algunas especialmente dise\u00f1adas escalar a la ejecuci\u00f3n de c\u00f3digo PHP arbitrario. Esto est\u00e1 relacionado con el archivo symfony/var-exporter."
}
],
"id": "CVE-2019-11325",
"lastModified": "2024-11-21T04:20:53.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T23:15:13.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/var-exporter/compare/d8bf442...57e00f3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-10 18:15
Modified
2024-11-21 08:29
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056B4D3-0C63-467F-A308-EB5DEE894B85",
"versionEndExcluding": "6.3.8",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn\u0027t return any user-submitted input in its response."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de la versi\u00f3n 6.0.0 y anteriores a la versi\u00f3n 6.3.8, el mensaje de error en `WebhookController` devuelve informaci\u00f3n enviada por el usuario sin formato de escape. A partir de la versi\u00f3n 6.3.8, `WebhookController` ahora no devuelve ninguna entrada enviada por el usuario en su respuesta."
}
],
"id": "CVE-2023-46735",
"lastModified": "2024-11-21T08:29:11.517",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-10T18:15:09.657",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-18 01:55
Modified
2024-11-21 01:44
Severity ?
Summary
lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.1 | |
| sensiolabs | symfony | 1.4.2 | |
| sensiolabs | symfony | 1.4.3 | |
| sensiolabs | symfony | 1.4.4 | |
| sensiolabs | symfony | 1.4.5 | |
| sensiolabs | symfony | 1.4.6 | |
| sensiolabs | symfony | 1.4.7 | |
| sensiolabs | symfony | 1.4.8 | |
| sensiolabs | symfony | 1.4.9 | |
| sensiolabs | symfony | 1.4.10 | |
| sensiolabs | symfony | 1.4.11 | |
| sensiolabs | symfony | 1.4.12 | |
| sensiolabs | symfony | 1.4.13 | |
| sensiolabs | symfony | 1.4.14 | |
| sensiolabs | symfony | 1.4.15 | |
| sensiolabs | symfony | 1.4.16 | |
| sensiolabs | symfony | 1.4.17 | |
| sensiolabs | symfony | 1.4.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D5A33CD-B820-44E7-8FBD-CD45E2078C65",
"versionEndIncluding": "1.4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F1040D-AFBA-4A73-AC13-8504A0625AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "84094B27-A701-4978-91D7-587AF314B6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "79B1B57C-DE96-4ECB-AD92-F52667FC4E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78201955-7DCB-4FA2-B745-67DDE420BB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4680367-B5EA-4593-8F72-0E4C1EAA30AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B4301-FF9E-4C02-8E0F-42C25831EC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4C4F47-4DEB-45A0-BD05-245079D1A914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3356E269-D119-4130-92A5-A8DBA0FAB738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D5B3-00CE-4A86-9063-14B150CB973A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC37A5-5ABA-4A1B-9CF8-E10D74B603C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC08043-3427-4F2F-BE15-9800AD5DE6B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2E73B1AE-6AAE-4862-89D5-E58F3FEF474F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "82BF2472-CD81-4578-8FE4-52BEF395FD8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2143A607-79CE-4D2D-BE8E-3F3F164733B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A59CD0-89BC-461C-B7D7-74CB94C2EF15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3197A9BD-E102-4397-932F-BB3ED97937AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEB7732-879C-4C82-82F4-89C4D37A53C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "729995D3-4D28-4ECF-9A2B-61EF87F8A766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1BCCFEAB-1CBE-4EF6-9DB0-D614D349A6E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7003FBF4-75C0-497E-B274-D20FF651A527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE1A088-2CAE-489A-83AF-1612F9AB8D45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request."
},
{
"lang": "es",
"value": "lib/form/sfForm.class.php en Symfony CMS anterior a v1.4.20 permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n de carga manipulada."
}
],
"id": "CVE-2012-5574",
"lastModified": "2024-11-21T01:44:54.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-18T01:55:06.447",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51372"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://trac.symfony-project.org/changeset/33598"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/87869"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/56685"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://trac.symfony-project.org/changeset/33598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/87869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-30 20:15
Modified
2024-11-21 05:33
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A736C1DC-7AB3-4406-ABD8-60C143F225E4",
"versionEndExcluding": "4.4.4",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB6307-56EA-4047-ABE0-4658CD8358FB",
"versionEndExcluding": "5.0.4",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5"
},
{
"lang": "es",
"value": "En Symfony versiones anteriores a 5.0.5 y 4.4.5, algunas propiedades de la Excepci\u00f3n no fueron escapados apropiadamente cuando el \"ErrorHandler\" la renderiz\u00f3 en stacktrace. Adem\u00e1s, el stacktrace fue desplegado incluso en una configuraci\u00f3n sin depuraci\u00f3n. ErrorHandler ahora escapa de todas las propiedades de la excepci\u00f3n, y el stacktrace se muestra solo en la configuraci\u00f3n de depuraci\u00f3n. Este problema est\u00e1 parcheado en Symfony/http-foundation versiones 4.4.5 y 5.0.5."
}
],
"id": "CVE-2020-5274",
"lastModified": "2024-11-21T05:33:48.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-30T20:15:19.633",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-27 11:47
Modified
2024-11-21 01:46
Severity ?
Summary
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.0.0 | |
| sensiolabs | symfony | 2.0.1 | |
| sensiolabs | symfony | 2.0.2 | |
| sensiolabs | symfony | 2.0.3 | |
| sensiolabs | symfony | 2.0.4 | |
| sensiolabs | symfony | 2.0.5 | |
| sensiolabs | symfony | 2.0.6 | |
| sensiolabs | symfony | 2.0.7 | |
| sensiolabs | symfony | 2.0.8 | |
| sensiolabs | symfony | 2.0.9 | |
| sensiolabs | symfony | 2.0.10 | |
| sensiolabs | symfony | 2.0.11 | |
| sensiolabs | symfony | 2.0.12 | |
| sensiolabs | symfony | 2.0.13 | |
| sensiolabs | symfony | 2.0.14 | |
| sensiolabs | symfony | 2.0.15 | |
| sensiolabs | symfony | 2.0.16 | |
| sensiolabs | symfony | 2.0.17 | |
| sensiolabs | symfony | 2.0.18 | |
| sensiolabs | symfony | 2.0.19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string."
},
{
"lang": "es",
"value": "Symfony v2.0.20 antes de v2.0.x no procesa los datos de URL codificadas consistentemente dentro de los componentes de seguridad y enrutado, lo que permite a atacantes remotos evitar las restricciones de acceso a URIs a trav\u00e9s de una cadena doblemente codificada.\r\n"
}
],
"id": "CVE-2012-6431",
"lastModified": "2024-11-21T01:46:06.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-27T11:47:01.790",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-03 17:29
Modified
2024-11-21 03:49
Severity ?
Summary
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| drupal | drupal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75150355-4AEB-4409-B8AE-413A1A7E6EA5",
"versionEndIncluding": "2.7.48",
"versionStartExcluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9158CA7-0193-4342-9A09-126D8F667591",
"versionEndIncluding": "2.8.43",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "933F48FF-3D58-455A-85D5-563A5C454020",
"versionEndIncluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09200F9D-A68B-4322-9626-7A869EC1E18A",
"versionEndIncluding": "3.4.13",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77747DC8-9E86-4619-A98F-CAC8BF7BA7B7",
"versionEndIncluding": "4.0.13",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0261DC21-9664-4D09-AE19-632C0D083D48",
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60BDF39F-889D-47FE-9345-BBC78FBC1A44",
"versionEndExcluding": "8.5.6",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it\u0027s not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \\Symfony\\Component\\HttpFoundation\\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Http Foundation en Symfony, desde la versi\u00f3n 2.7.0 hasta la 2.7.48, desde la versi\u00f3n 2.8.0 hasta la 2.8.43, desde la versi\u00f3n 3.3.0 hasta la 3.3.17, desde la versi\u00f3n 3.4.0 hasta la 3.4.13, desde la versi\u00f3n 4.0.0 hasta la 4.0.13 y desde la versi\u00f3n 4.1.0 hasta la 4.1.2. Se origina desde el soporte a una cabecera IIS (heredada) que deja que los usuarios sobrescriban la ruta en la URL de petici\u00f3n mediante la cabecera de petici\u00f3n HTTP X-Original-URL o X-Rewrite-URL. Estas cabeceras han sido dise\u00f1adas para ser compatibles con IIS, pero no est\u00e1 verificado que el servidor est\u00e9, de hecho, ejecutando IIS, lo que significa que cualquiera que pueda enviar estas peticiones a la aplicaci\u00f3n puede desencadenar este problema. Esto afecta a \\Symfony\\Component\\HttpFoundation\\Request::prepareRequestUri() donde se emplean tanto X-Original-URL como X_REWRITE_URL. La soluci\u00f3n elimina el soporte a estos m\u00e9todos para que no puedan ser empleados como vectores de ataque, como el envenenamiento de la cach\u00e9 web."
}
],
"id": "CVE-2018-14773",
"lastModified": "2024-11-21T03:49:45.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-03T17:29:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104943"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041405"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.drupal.org/SA-CORE-2018-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.drupal.org/SA-CORE-2018-005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 22:29
Modified
2024-11-21 04:20
Severity ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| drupal | drupal | * | |
| drupal | drupal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86884C0-A185-4CCF-AB21-1D1529AEDAED",
"versionEndExcluding": "2.7.51",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4716654-1055-44B3-8E51-5BC0E739E0CB",
"versionEndExcluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF53486E-FAAC-40B3-82CE-4EDCD2C96690",
"versionEndExcluding": "3.4.26",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25A92454-6E0B-4BDE-8967-BB3E32125102",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53E58B92-6D5D-4949-B75F-687F52961FDA",
"versionEndExcluding": "4.2.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9106BF81-B898-4EB0-B63C-9919D3B22260",
"versionEndExcluding": "8.5.15",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B37281E-9B44-42A5-AE0A-17CE6770995C",
"versionEndExcluding": "8.6.15",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security."
},
{
"lang": "es",
"value": "En Symfony la versi\u00f3n anterior a 2.7.51, versi\u00f3n 2.8.x anterior a 2.8.50, versi\u00f3n 3.x anterior a 3.4.26, versi\u00f3n 4.x anterior a 4.1.12 y versi\u00f3n 4.2.x anterior a 4.2.7, una vulnerabilidad permitir\u00eda que un atacante se identifique como un Usuario privilegiado en sitios con registro de usuario y recordar la funcionalidad de inicio de sesi\u00f3n habilitada. Esto est\u00e1 relacionado con Symfony/Seguridad."
}
],
"id": "CVE-2019-10911",
"lastModified": "2024-11-21T04:20:07.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T22:29:00.500",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 22:29
Modified
2024-11-21 04:20
Severity ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| drupal | drupal | * | |
| drupal | drupal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86884C0-A185-4CCF-AB21-1D1529AEDAED",
"versionEndExcluding": "2.7.51",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4716654-1055-44B3-8E51-5BC0E739E0CB",
"versionEndExcluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF53486E-FAAC-40B3-82CE-4EDCD2C96690",
"versionEndExcluding": "3.4.26",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25A92454-6E0B-4BDE-8967-BB3E32125102",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53E58B92-6D5D-4949-B75F-687F52961FDA",
"versionEndExcluding": "4.2.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9106BF81-B898-4EB0-B63C-9919D3B22260",
"versionEndExcluding": "8.5.15",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B37281E-9B44-42A5-AE0A-17CE6770995C",
"versionEndExcluding": "8.6.15",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle."
},
{
"lang": "es",
"value": "En Symfony anterior de la versi\u00f3n 2.7.51, versi\u00f3n 2.8.x anterior de 2.8.50, versi\u00f3n 3.x anterior de 3.4.26, versi\u00f3n 4.x anterior de 4.1.12 y versi\u00f3n 4.2.x anterior de 4.2.7, los mensajes de validaci\u00f3n no son evadidos, lo que puede llevar a una vulnerabilidad de XSS cuando una entrada del usuario sea incluida. Esto est\u00e1 relacionado con symfony/framework-bundle"
}
],
"id": "CVE-2019-10909",
"lastModified": "2024-11-21T04:20:06.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T22:29:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-02 15:55
Modified
2024-11-21 01:49
Severity ?
Summary
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "768F171C-3625-4696-ACEC-A10FA70F6BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "55B048CA-DDD8-473A-88D5-1AA36B134F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD9AD6-5303-41C3-848B-504BFC03307D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1175DE26-53D0-4411-8416-C60602A097D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88E95571-E3F3-4D8F-A03C-C95317D7C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEC939-1319-475E-AE3B-5BFB3D05A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DB3966-94A2-4154-8449-09C4E44127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E16EB7-BA1C-4B49-A466-68EC0067D432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD23E22-222D-4933-B534-B1E91807D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79CDFB3-9BE8-4D29-90D0-9A14A7478CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE2FA705-1052-4938-9177-A16CC317C0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "078D5869-B3E3-4046-A942-B63921AD19DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098D9DD8-2113-48BA-A31C-75ED36F010CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCEE5787-51E2-40EC-8B6E-FCA049E88381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFBB031-DD47-41AB-BC38-D006F6C94FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "37873421-811B-45C7-9C75-CF92DEBD8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B692349E-6ACF-4F39-B334-EB649C03C008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCDA8E2-61B1-49D1-B99D-3FDB640B3D3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B2F5DA-6679-4720-A296-FD06A0AE62C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "68CFDDF0-86AF-4360-BBA3-C8D4D23F28E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\\Parser::parse function, a different vulnerability than CVE-2013-1348."
},
{
"lang": "es",
"value": "Symfony 2.0.x anterior a 2.0.22, 2.1.x anterior a 2.1.7 y 2.2.x permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s de un objeto PHP serializado hacia la funci\u00f3n (1) Yaml::parse o (2) Yaml\\Parser::parse, una vulnerabilidad diferente a CVE-2013-1348."
}
],
"id": "CVE-2013-1397",
"lastModified": "2024-11-21T01:49:29.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-02T15:55:08.497",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/51980"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81551"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2024-11-21 02:38
Severity ?
Summary
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "815710CF-CD6F-482A-AA49-F5DBD69CC78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3614217B-B696-42F5-B700-154DC4A10362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F16129-1132-410A-ABF5-07043E748EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86E24535-7FDC-4CD5-9CFF-BE3497D8142A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39FAF963-1682-42ED-BE1C-04F4D67BC7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FAD933-5F1B-443C-833A-A7CA42B3E3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8315CC2E-1CA5-4877-9D8B-B1CE4C7E951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B65CCFF0-491A-49AC-89DC-1C5BB2E17C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF037E9-7BCB-4B15-90E5-AC12B635FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB53AD64-7FA3-4B51-9BA4-1E6CEBC320B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4299D5E-496C-455A-B6CB-1324D73E3BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D52D4F61-92C2-44BA-8913-84C7B9625ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "AE64BBD6-A363-4331-B146-A15C299FA9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D3193871-9D22-489C-999C-047D126CB2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "24349F39-72FD-4669-99EB-C53EA8D30703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4D9AFF-7F87-48CC-9C82-FC89F909A82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4C305C-1FDF-4D93-97F5-10D8C8ABE7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A1770E39-DCE8-4F81-9E18-F606CEA1DA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "104DB666-5608-4822-B4DA-A8BFB64856E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "5B629031-7AC2-4918-9FEC-C9D26EBB0161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "397E0404-9856-45C1-B12D-058E84F3FA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EC987B-3C4D-4575-9BC8-9AFB794A20E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DE17FB48-06AA-4275-9F3A-0CF008C9C86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "39F81F64-CCF2-4CB1-9504-153267839BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1244EA-78F7-4501-9E42-52C77CE37963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD0661-41FA-4F89-A1D8-C50BE232D36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC87263-68E3-4BF8-8ED7-C40CC2F8CE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51A66842-7423-49F0-9FD3-64B7DE146F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "68CBB5C6-C707-43E9-AFC5-467E376D9218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.29:*:*:*:*:*:*:*",
"matchCriteriaId": "53ADBD77-5D7C-4065-AF07-0D7D913EAB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "60E9C327-F168-4591-AF45-86AC9695AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "44A428C5-7A39-4B17-850C-5A2BA7D207B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EAA53F-6A62-4BD5-BB3D-B95885877067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.33:*:*:*:*:*:*:*",
"matchCriteriaId": "5C839442-0832-42C7-8D3C-C3BC75F96CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.34:*:*:*:*:*:*:*",
"matchCriteriaId": "07CA4138-9897-44A5-BBCC-B5054D5F9EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F13A190-1F97-4D7B-826A-E976934AE82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27770F28-584A-48E1-B885-6C6D17F546ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D52659E-1F0D-4319-A986-9BA512995C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C177DF32-F356-483C-82E5-8FCC68D89A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9461C-A049-48EC-BB3E-FD3212C82795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7EF330-714D-42E4-A2CF-406B84F3945B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2D86A4FF-9BD2-4B3D-A2CE-E9200A4EC690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D6667BA-5A82-480B-AD9B-0E4CD0188458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFF0C34-4474-448B-8402-F9F7E6E1BA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA6C319-AE4B-419F-BCAD-57D8ACF83EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "00E132C9-F809-4AD9-959B-FFA8CB92780D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE3955-422A-4E81-9B81-4C2484E5C335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCF4EF8-5251-46B4-9B53-44783CD82082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A03AAA02-DB58-42C5-B4A6-C2608CDB7123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DA4FA9-AED8-4CCB-85E4-6D0BF6776FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32021069-B447-40B2-BBF9-0D2CFDE8ECC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "38F01C2E-5A1B-441A-B58C-C450AA1C1410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "660AA98C-4E93-4D8B-A4EC-A94E24DCDB9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "388F9E94-C2C1-4010-97DA-B008E89D500F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component."
},
{
"lang": "es",
"value": "Symfony 2.3.x en versiones anteriores a 2.3.35, 2.6.x en versiones anteriores a 2.6.12 y 2.7.x en versiones anteriores a 2.7.7 podr\u00eda permitir a atacantes remotos tener un impacto no especificado a trav\u00e9s de un ataque de sincronizaci\u00f3n involucrando las clases (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices o (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener en la implementaci\u00f3n Symfony Security Component o la implementaci\u00f3n de (3) legacy CSRF de la clase Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider en el componente Symfony Form."
}
],
"id": "CVE-2015-8125",
"lastModified": "2024-11-21T02:38:02.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-07T20:59:15.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/77692"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-02 18:15
Modified
2024-11-21 05:04
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | httpclient | * | |
| sensiolabs | httpclient | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:httpclient:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C545D1-352A-422D-894D-0360C8B809C2",
"versionEndExcluding": "4.4.13",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:httpclient:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE0E0B8-46EE-4796-8EA2-7820B389AB69",
"versionEndExcluding": "5.1.5",
"versionStartIncluding": "5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54E31480-E11B-440E-86DE-69B27A20E013",
"versionEndExcluding": "4.4.13",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8353F9-2F4C-4BE9-A407-F22C08001271",
"versionEndExcluding": "5.1.5",
"versionStartIncluding": "5.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5."
},
{
"lang": "es",
"value": "En Symfony versiones anteriores a 4.4.13 y 5.1.5, la clase CachingHttpClient del componente HttpClient Symfony se basa en la clase HttpCache para manejar las peticiones. HttpCache utiliza encabezados internos como X-Body-Eval y X-Body-File para controlar la restauraci\u00f3n de las respuestas almacenadas en cach\u00e9. La clase fue inicialmente escrita teniendo en cuenta el almacenamiento en cach\u00e9 sustituto y la compatibilidad con ESI (todas las llamadas HTTP provienen de un backend confiable en ese escenario). Pero cuando es usado por CachingHttpClient y si un atacante puede controlar la respuesta para una petici\u00f3n siendo hecha por CachingHttpClient, es posible una ejecuci\u00f3n de c\u00f3digo remota. Esto ha sido corregido en las versiones 4.4.13 y 5.1.5"
}
],
"id": "CVE-2020-15094",
"lastModified": "2024-11-21T05:04:47.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-02T18:15:11.187",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://packagist.org/packages/symfony/symfony"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 23:15
Modified
2024-11-21 04:33
Severity ?
Summary
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81CFEF16-57A9-4123-8254-0D8941420C56",
"versionEndIncluding": "3.4.34",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1317DFC-16C6-48A6-B792-3A190E552E79",
"versionEndIncluding": "4.2.11",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE8AADD-6D19-481A-86D2-9E305ED6F197",
"versionEndIncluding": "4.3.7",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Symfony versiones 3.4.0 hasta 3.4.34, 4.2.0 hasta 4.2.11 y 4.3.0 hasta 4.3.7. La serializaci\u00f3n de ciertas interfaces del adaptador de cach\u00e9 podr\u00eda resultar en la inyecci\u00f3n de c\u00f3digo remota. Esto est\u00e1 relacionado con el archivo symfony/cache."
}
],
"id": "CVE-2019-18889",
"lastModified": "2024-11-21T04:33:47.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T23:15:13.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-06 21:29
Modified
2024-11-21 03:16
Severity ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/pull/24992 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/pull/24992 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B84DB7E-B758-4D6A-B10B-AE602F172EC0",
"versionEndIncluding": "2.7.37",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E4D371-1EC1-49A7-BED2-F9C36E8C5BB4",
"versionEndIncluding": "3.2.13",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49BB635A-5911-4DB0-A75C-D73EBC772283",
"versionEndIncluding": "3.3.12",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B081CEE-9990-48CE-9ED2-06CBB6F977EA",
"versionEndIncluding": "3.8.30",
"versionStartIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version \u003e=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Symfony en versiones anteriores a la 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5 y 4.0-BETA5. La implementaci\u00f3n actual de la protecci\u00f3n CSRF en Symfony (versiones a partir de la 2) no emplea tokens diferentes para HTTP y HTTPS; por lo tanto, el token es vulnerable a ataques Man-in-the-Middle (MitM) en HTTP y puede emplearse en un contexto HTTPS para realizar ataques Cross-Site Request Forgery (CSRF)."
}
],
"id": "CVE-2017-16653",
"lastModified": "2024-11-21T03:16:46.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-06T21:29:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/24992"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/24992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 23:15
Modified
2024-11-21 04:33
Severity ?
Summary
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E4E0D1-FE7D-48CC-A198-D0CD4E25AF84",
"versionEndIncluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81CFEF16-57A9-4123-8254-0D8941420C56",
"versionEndIncluding": "3.4.34",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1317DFC-16C6-48A6-B792-3A190E552E79",
"versionEndIncluding": "4.2.11",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE8AADD-6D19-481A-86D2-9E305ED6F197",
"versionEndIncluding": "4.3.7",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x)."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en Symfony versiones 2.8.0 hasta 2.8.50, 3.4.0 hasta 3.4.34, 4.2.0 hasta 4.2.11 y 4.3.0 hasta 4.3.7. Si una aplicaci\u00f3n pasa una entrada de usuario no validada como el archivo para el que debe llevarse a cabo la validaci\u00f3n de tipo MIME, entonces argumentos arbitrarios son pasados al comando de archivo subyacente. Esto est\u00e1 relacionado con el archivo symfony/http-foundation (y el archivo symfony/mime en versiones 4.3.x)."
}
],
"id": "CVE-2019-18888",
"lastModified": "2024-11-21T04:33:47.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T23:15:13.530",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/symfony/symfony/releases/tag/v4.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZNXRVHDQBNZQUCNRVZICPPBFRAUWUJX/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UED22BOXTL2SSFMGYKA64ZFHGLLJG3EA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXEAOEANNIVYANTMOJ42NKSU6BGNBULZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://symfony.com/blog/symfony-4-3-8-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-01 13:15
Modified
2024-11-21 06:48
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7356092-E62D-45EF-961F-B23BA7314D31",
"versionEndExcluding": "5.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB18B56-8D8D-44D1-8F65-F2B108AD864F",
"versionEndExcluding": "5.4.4",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9C7740-7B6C-4E6A-8402-FF6CB7AB7330",
"versionEndExcluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reusables. El componente de formulario de Symfony proporciona un mecanismo de protecci\u00f3n CSRF mediante el uso de un token aleatorio inyectado en el formulario y usando la sesi\u00f3n para almacenar y controlar el token enviado por el usuario. Cuando es usado el FrameworkBundle, esta protecci\u00f3n puede ser habilitada o deshabilitada con la configuraci\u00f3n. Si no es especificada la configuraci\u00f3n, por defecto, el mecanismo est\u00e1 habilitado siempre que la sesi\u00f3n est\u00e9 habilitada. En un cambio reciente en la forma de cargar la configuraci\u00f3n, el comportamiento por defecto ha sido abandonado y, como resultado, la protecci\u00f3n de tipo CSRF no est\u00e1 habilitada en forma cuando no est\u00e1 expl\u00edcitamente habilitada, lo que hace que la aplicaci\u00f3n sea vulnerable a ataques de tipo CSRF. Este problema ha sido resuelto en las versiones de parche indicadas y se aconseja a usuarios que actualicen. No se conocen medidas de mitigaci\u00f3n adicionales para este problema"
}
],
"id": "CVE-2022-23601",
"lastModified": "2024-11-21T06:48:54.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-01T13:15:10.313",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-27 18:59
Modified
2024-11-21 01:58
Severity ?
Summary
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "768F171C-3625-4696-ACEC-A10FA70F6BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "55B048CA-DDD8-473A-88D5-1AA36B134F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "23EE797D-54E8-4063-82DB-3D55027DC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECB5DDB-1D4D-4134-94DA-94292571C295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "513F2502-A37E-4FC7-B1AF-8978E5A8C22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD9AD6-5303-41C3-848B-504BFC03307D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1175DE26-53D0-4411-8416-C60602A097D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88E95571-E3F3-4D8F-A03C-C95317D7C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEC939-1319-475E-AE3B-5BFB3D05A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DB3966-94A2-4154-8449-09C4E44127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E16EB7-BA1C-4B49-A466-68EC0067D432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD23E22-222D-4933-B534-B1E91807D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D80A3A8-C230-4F81-8852-21985FB6562C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "66D6B609-A832-4FFD-B1AE-D45D82213CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E37287B2-E747-46D7-9779-DA39DE81A6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5E6292-15C3-413F-A078-FCB6E460A255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE4C062-E36D-4A23-9E93-C44C680B11EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "95E3EF60-CFBF-4E6C-880B-26424EB5D384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2:dev:*:*:*:*:*:*",
"matchCriteriaId": "892F1A5D-4770-4B23-9FF0-934D7592A3AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79CDFB3-9BE8-4D29-90D0-9A14A7478CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE2FA705-1052-4938-9177-A16CC317C0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "078D5869-B3E3-4046-A942-B63921AD19DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098D9DD8-2113-48BA-A31C-75ED36F010CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCEE5787-51E2-40EC-8B6E-FCA049E88381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFBB031-DD47-41AB-BC38-D006F6C94FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "37873421-811B-45C7-9C75-CF92DEBD8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B692349E-6ACF-4F39-B334-EB649C03C008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "815710CF-CD6F-482A-AA49-F5DBD69CC78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3614217B-B696-42F5-B700-154DC4A10362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F16129-1132-410A-ABF5-07043E748EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86E24535-7FDC-4CD5-9CFF-BE3497D8142A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39FAF963-1682-42ED-BE1C-04F4D67BC7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FAD933-5F1B-443C-833A-A7CA42B3E3AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750."
},
{
"lang": "es",
"value": "El componente de seguridad en Symfony 2.0.x anterior a 2.0.25, 2.1.x anterior a 2.1.13, 2.2.x anterior a 2.2.9, y 2.3.x anterior a 2.3.6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de una contrase\u00f1a larga que lanza un hash con alta carga de computaci\u00f3n, como lo demuestra el c\u00e1lculo PBKDF2, un problema similar a CVE-2013-5750"
}
],
"id": "CVE-2013-5958",
"lastModified": "2024-11-21T01:58:29.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-27T18:59:01.197",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-01 22:59
Modified
2024-11-21 02:52
Severity ?
Summary
The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | 2.7.0 | |
| sensiolabs | symfony | 2.7.1 | |
| sensiolabs | symfony | 2.7.2 | |
| sensiolabs | symfony | 2.7.3 | |
| sensiolabs | symfony | 2.7.4 | |
| sensiolabs | symfony | 2.7.5 | |
| sensiolabs | symfony | 2.7.6 | |
| sensiolabs | symfony | 2.7.7 | |
| sensiolabs | symfony | 2.7.8 | |
| sensiolabs | symfony | 2.7.9 | |
| sensiolabs | symfony | 2.7.10 | |
| sensiolabs | symfony | 2.7.11 | |
| sensiolabs | symfony | 2.7.12 | |
| sensiolabs | symfony | 2.8.0 | |
| sensiolabs | symfony | 2.8.1 | |
| sensiolabs | symfony | 2.8.2 | |
| sensiolabs | symfony | 2.8.3 | |
| sensiolabs | symfony | 2.8.4 | |
| sensiolabs | symfony | 2.8.5 | |
| sensiolabs | symfony | 3.0.0 | |
| sensiolabs | symfony | 3.0.1 | |
| sensiolabs | symfony | 3.0.2 | |
| sensiolabs | symfony | 3.0.3 | |
| sensiolabs | symfony | 3.0.4 | |
| sensiolabs | symfony | 3.0.5 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "363F096B-9543-4632-AEE7-EA8E78376EE6",
"versionEndIncluding": "2.3.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCF4EF8-5251-46B4-9B53-44783CD82082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A03AAA02-DB58-42C5-B4A6-C2608CDB7123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DA4FA9-AED8-4CCB-85E4-6D0BF6776FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32021069-B447-40B2-BBF9-0D2CFDE8ECC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "38F01C2E-5A1B-441A-B58C-C450AA1C1410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "660AA98C-4E93-4D8B-A4EC-A94E24DCDB9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "388F9E94-C2C1-4010-97DA-B008E89D500F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F89AEFB-7D2C-46EF-B0FF-D8C1B636EB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6F1CF5-F8A5-43E2-B9C4-912A0583E558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA4F511-1DFF-4705-9752-D0A35A6B3421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8176FACA-64A3-40C3-AD08-EA5840E5FEDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3B18C5B9-F80D-460C-A65B-2445ED71119F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "34D7BE55-A7CC-4BA5-B776-02A63707BBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01C2E25-6FEE-49C8-A9D8-F4935A0F915E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68869331-57A0-451D-9888-32643537B736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3598D2C0-4AB1-4C4F-98ED-2862E7C42497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9F100F2F-EB9F-41E3-AB84-49E49A61C728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "135156B2-2ADF-4127-A4F1-309FB99868B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AABE15FF-B488-49D6-B284-89ECE1C2E54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D07C355A-FF00-44DF-A899-B727DAEBB83F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "235F1F79-E3FB-452C-98E3-A3D978CC9819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC270EEB-02CC-4960-9F3D-41AB86636864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1570191-3967-4C89-B7B3-07C4FC369C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC56E52-31DB-4B3C-8E07-B7358079DEC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CE067114-08AF-46F0-8F46-1485C93A8857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames."
},
{
"lang": "es",
"value": "La funci\u00f3n attemptAuthentication en Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php en Symfony en versiones anteriores a 2.3.41, 2.7.x en versiones anteriores a 2.7.13, 2.8.x en versiones anteriores a 2.8.6 y 3.0.x en versiones anteriores a 3.0.6 no limita la longitud de un nombre de usuario almacenado en una sesi\u00f3n, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de almacenamiento de sesi\u00f3n) a trav\u00e9s de una series de intentos de autenticaci\u00f3n con nombres de usuario largos que no existen."
}
],
"id": "CVE-2016-4423",
"lastModified": "2024-11-21T02:52:08.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T22:59:02.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3588"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/symfony/symfony/pull/18733"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/symfony/symfony/pull/18733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-23 18:29
Modified
2024-11-21 03:07
Severity ?
Summary
Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/symfony/symfony/pull/23507 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/pull/23507 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.7.30 | |
| sensiolabs | symfony | 2.8.23 | |
| sensiolabs | symfony | 3.2.10 | |
| sensiolabs | symfony | 3.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "6568EAFA-31AB-4A0F-880B-F6663FBE3286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.23:*:*:*:*:*:*:*",
"matchCriteriaId": "03E38D99-9CE1-4CEE-A635-8CE9E14AE010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "62DDF7CB-FAB7-4536-BA76-6CD826202CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C12A2186-9B0C-4E44-A788-02A0C9B03BE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator."
},
{
"lang": "es",
"value": "Ciertos productos de Symfony se ven afectados por: Control de Acceso Incorrecto. Esto afecta a Symfony versi\u00f3n 2.7.30 y Symfony versi\u00f3n 2.8.23 y Symfony versi\u00f3n 3.2.10 y Symfony versi\u00f3n 3.3.3. El tipo de explotaci\u00f3n es: remota. El componente es: validador de contrase\u00f1a."
}
],
"id": "CVE-2017-11365",
"lastModified": "2024-11-21T03:07:39.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-23T18:29:00.373",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/23507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/878198cefae028386c6dc800ccbf18f2b9cbff3f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/23507"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-02 14:59
Modified
2024-11-21 02:30
Severity ?
Summary
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.3.19 | |
| sensiolabs | symfony | 2.3.20 | |
| sensiolabs | symfony | 2.3.21 | |
| sensiolabs | symfony | 2.3.22 | |
| sensiolabs | symfony | 2.3.23 | |
| sensiolabs | symfony | 2.3.24 | |
| sensiolabs | symfony | 2.3.25 | |
| sensiolabs | symfony | 2.3.26 | |
| sensiolabs | symfony | 2.3.27 | |
| sensiolabs | symfony | 2.3.28 | |
| sensiolabs | symfony | 2.4.9 | |
| sensiolabs | symfony | 2.4.10 | |
| sensiolabs | symfony | 2.5.4 | |
| sensiolabs | symfony | 2.5.5 | |
| sensiolabs | symfony | 2.5.6 | |
| sensiolabs | symfony | 2.5.7 | |
| sensiolabs | symfony | 2.5.8 | |
| sensiolabs | symfony | 2.5.9 | |
| sensiolabs | symfony | 2.5.10 | |
| sensiolabs | symfony | 2.5.11 | |
| sensiolabs | symfony | 2.6.0 | |
| sensiolabs | symfony | 2.6.1 | |
| sensiolabs | symfony | 2.6.3 | |
| sensiolabs | symfony | 2.6.4 | |
| sensiolabs | symfony | 2.6.5 | |
| sensiolabs | symfony | 2.6.6 | |
| sensiolabs | symfony | 2.6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "5B629031-7AC2-4918-9FEC-C9D26EBB0161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "397E0404-9856-45C1-B12D-058E84F3FA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EC987B-3C4D-4575-9BC8-9AFB794A20E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DE17FB48-06AA-4275-9F3A-0CF008C9C86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "39F81F64-CCF2-4CB1-9504-153267839BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1244EA-78F7-4501-9E42-52C77CE37963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD0661-41FA-4F89-A1D8-C50BE232D36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC87263-68E3-4BF8-8ED7-C40CC2F8CE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51A66842-7423-49F0-9FD3-64B7DE146F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "68CBB5C6-C707-43E9-AFC5-467E376D9218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE35E75-315C-472B-B8C3-4E9AF9C5421F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "360EFC8C-6FD2-48B1-A3E9-C16867B05F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97E35964-8D47-4146-AF91-C5EC0A8E1801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "01076190-7FDF-4A9C-99C9-A1F153BFFA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6EBF05-F0C6-4B36-8B5E-BF1793364AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE1BB71-C1E8-4957-B5A6-E7B24A3FEC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BD415B94-A1DA-4483-8F39-56BDF805A7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC5594-43BE-4DA4-9420-C070F6C5C77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCA2A46-50CD-4C31-836C-F9D922810D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAA905B-96B5-41AF-A732-530666DE3D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F13A190-1F97-4D7B-826A-E976934AE82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27770F28-584A-48E1-B885-6C6D17F546ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C177DF32-F356-483C-82E5-8FCC68D89A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9461C-A049-48EC-BB3E-FD3212C82795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7EF330-714D-42E4-A2CF-406B84F3945B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2D86A4FF-9BD2-4B3D-A2CE-E9200A4EC690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D6667BA-5A82-480B-AD9B-0E4CD0188458",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment."
},
{
"lang": "es",
"value": "FragmentListener en el componente HttpKernel en Symfony 2.3.19 hasta 2.3.28, 2.4.9 hasta 2.4.10, 2.5.4 hasta 2.5.11, y 2.6.0 hasta 2.6.7, cuando ek soporte ESI o SSI est\u00e1 habilitado, no comprueba si el atributo _controller esta configurado, lo que permite a atacantes remotos evadir la firma de URLs y las reglas de seguridad mediante la inclusi\u00f3n de (1) ning\u00fan hash o (2) un hash inv\u00e1lido en una solicitud a /_fragment."
}
],
"id": "CVE-2015-4050",
"lastModified": "2024-11-21T02:30:21.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-02T14:59:12.253",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3276"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74928"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-20 00:29
Modified
2024-11-21 03:19
Severity ?
Summary
The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor's position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/barryvdh/laravel-debugbar/issues/850 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/symfony/symfony/issues/27987 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/symfony/symfony/pull/23684 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/barryvdh/laravel-debugbar/issues/850 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/issues/27987 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/pull/23684 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE043B4-4689-4BC1-86B0-4BB00B545D6E",
"versionEndExcluding": "2.7.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC436C0-4E79-45BD-9B31-2DD8A42E2427",
"versionEndExcluding": "2.8.26",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD89B10-CD20-4BEF-ABEE-8C2248B55BC9",
"versionEndExcluding": "3.2.13",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59558D75-9E6C-4C41-852C-E6E78C50B9CD",
"versionEndExcluding": "3.3.6",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The debug handler in Symfony before v2.7.33, 2.8.x before v2.8.26, 3.x before v3.2.13, and 3.3.x before v3.3.6 has XSS via an array key during exception pretty printing in ExceptionHandler.php, as demonstrated by a /_debugbar/open?op=get URI. NOTE: the vendor\u0027s position is that this is not a vulnerability because the debug tools are not intended for production use. NOTE: the Symfony Debug component is used by Laravel Debugbar"
},
{
"lang": "es",
"value": "** EN DISPUTA ** El manipulador de depuraci\u00f3n en Symfony, en versiones anteriores a la v2.7.33, versiones 2.8.x anteriores a la v2.8.26, versiones 3.x anteriores a la v3.2.13 y versiones 3.3.x anteriores a la v3.3.6, tiene Cross-Site Scripting (XSS) mediante una clave de array durante la impresi\u00f3n de excepciones pretty en ExceptionHandler.php, tal y como queda demostrado con un URI /_debugbar/open?op=get. NOTA: el fabricante sostiene que esta no es una vulnerabilidad debido a que las herramientas de depuraci\u00f3n no est\u00e1n dise\u00f1adas para ser empleadas en producci\u00f3n. NOTA: el componente Symfony Debug es empleado por Laravel Debugbar."
}
],
"id": "CVE-2017-18343",
"lastModified": "2024-11-21T03:19:53.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-20T00:29:00.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/barryvdh/laravel-debugbar/issues/850"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/issues/27987"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/23684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/barryvdh/laravel-debugbar/issues/850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/debug/pull/7/commits/e48bda29143bd1a83001780b4a78e483822d985c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/issues/27987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/23684"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2024-11-21 02:38
Severity ?
Summary
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "815710CF-CD6F-482A-AA49-F5DBD69CC78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3614217B-B696-42F5-B700-154DC4A10362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F16129-1132-410A-ABF5-07043E748EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86E24535-7FDC-4CD5-9CFF-BE3497D8142A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39FAF963-1682-42ED-BE1C-04F4D67BC7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FAD933-5F1B-443C-833A-A7CA42B3E3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8315CC2E-1CA5-4877-9D8B-B1CE4C7E951A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B65CCFF0-491A-49AC-89DC-1C5BB2E17C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF037E9-7BCB-4B15-90E5-AC12B635FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB53AD64-7FA3-4B51-9BA4-1E6CEBC320B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4299D5E-496C-455A-B6CB-1324D73E3BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D52D4F61-92C2-44BA-8913-84C7B9625ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "AE64BBD6-A363-4331-B146-A15C299FA9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D3193871-9D22-489C-999C-047D126CB2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "24349F39-72FD-4669-99EB-C53EA8D30703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4D9AFF-7F87-48CC-9C82-FC89F909A82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4C305C-1FDF-4D93-97F5-10D8C8ABE7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A1770E39-DCE8-4F81-9E18-F606CEA1DA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "104DB666-5608-4822-B4DA-A8BFB64856E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "5B629031-7AC2-4918-9FEC-C9D26EBB0161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "397E0404-9856-45C1-B12D-058E84F3FA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EC987B-3C4D-4575-9BC8-9AFB794A20E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DE17FB48-06AA-4275-9F3A-0CF008C9C86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "39F81F64-CCF2-4CB1-9504-153267839BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1244EA-78F7-4501-9E42-52C77CE37963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD0661-41FA-4F89-A1D8-C50BE232D36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC87263-68E3-4BF8-8ED7-C40CC2F8CE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51A66842-7423-49F0-9FD3-64B7DE146F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "68CBB5C6-C707-43E9-AFC5-467E376D9218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.29:*:*:*:*:*:*:*",
"matchCriteriaId": "53ADBD77-5D7C-4065-AF07-0D7D913EAB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "60E9C327-F168-4591-AF45-86AC9695AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "44A428C5-7A39-4B17-850C-5A2BA7D207B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EAA53F-6A62-4BD5-BB3D-B95885877067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.33:*:*:*:*:*:*:*",
"matchCriteriaId": "5C839442-0832-42C7-8D3C-C3BC75F96CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.34:*:*:*:*:*:*:*",
"matchCriteriaId": "07CA4138-9897-44A5-BBCC-B5054D5F9EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F13A190-1F97-4D7B-826A-E976934AE82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27770F28-584A-48E1-B885-6C6D17F546ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D52659E-1F0D-4319-A986-9BA512995C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C177DF32-F356-483C-82E5-8FCC68D89A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9461C-A049-48EC-BB3E-FD3212C82795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7EF330-714D-42E4-A2CF-406B84F3945B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2D86A4FF-9BD2-4B3D-A2CE-E9200A4EC690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D6667BA-5A82-480B-AD9B-0E4CD0188458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFF0C34-4474-448B-8402-F9F7E6E1BA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA6C319-AE4B-419F-BCAD-57D8ACF83EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "00E132C9-F809-4AD9-959B-FFA8CB92780D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE3955-422A-4E81-9B81-4C2484E5C335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCF4EF8-5251-46B4-9B53-44783CD82082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A03AAA02-DB58-42C5-B4A6-C2608CDB7123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DA4FA9-AED8-4CCB-85E4-6D0BF6776FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32021069-B447-40B2-BBF9-0D2CFDE8ECC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "38F01C2E-5A1B-441A-B58C-C450AA1C1410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "660AA98C-4E93-4D8B-A4EC-A94E24DCDB9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "388F9E94-C2C1-4010-97DA-B008E89D500F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in the \"Remember Me\" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id."
},
{
"lang": "es",
"value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en la funcionalidad de inicio de sesi\u00f3n \u0027Remember Me\u0027 en Symfony 2.3.x en versiones anteriores a 2.3.35, 2.6.x en versiones anteriores a 2.6.12 y 2.7.x en versiones anteriores a 2.7.7 permite a atacantes remotos secuestrar sesiones web a trav\u00e9s de un id de sesi\u00f3n."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/384.htm\"\u003eCWE-384: Session Fixation\u003c/a\u003e",
"id": "CVE-2015-8124",
"lastModified": "2024-11-21T02:38:02.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-07T20:59:14.110",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Dec/89"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/537183/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/77694"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Dec/89"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/537183/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-24 10:59
Modified
2024-11-21 02:27
Severity ?
Summary
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "768F171C-3625-4696-ACEC-A10FA70F6BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "55B048CA-DDD8-473A-88D5-1AA36B134F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "23EE797D-54E8-4063-82DB-3D55027DC7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD9AD6-5303-41C3-848B-504BFC03307D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1175DE26-53D0-4411-8416-C60602A097D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88E95571-E3F3-4D8F-A03C-C95317D7C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEC939-1319-475E-AE3B-5BFB3D05A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DB3966-94A2-4154-8449-09C4E44127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E16EB7-BA1C-4B49-A466-68EC0067D432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD23E22-222D-4933-B534-B1E91807D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D80A3A8-C230-4F81-8852-21985FB6562C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F79CDFB3-9BE8-4D29-90D0-9A14A7478CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE2FA705-1052-4938-9177-A16CC317C0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "078D5869-B3E3-4046-A942-B63921AD19DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098D9DD8-2113-48BA-A31C-75ED36F010CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCEE5787-51E2-40EC-8B6E-FCA049E88381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFBB031-DD47-41AB-BC38-D006F6C94FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "37873421-811B-45C7-9C75-CF92DEBD8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B692349E-6ACF-4F39-B334-EB649C03C008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCDA8E2-61B1-49D1-B99D-3FDB640B3D3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B2F5DA-6679-4720-A296-FD06A0AE62C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "68CFDDF0-86AF-4360-BBA3-C8D4D23F28E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "5B629031-7AC2-4918-9FEC-C9D26EBB0161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "397E0404-9856-45C1-B12D-058E84F3FA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EC987B-3C4D-4575-9BC8-9AFB794A20E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "DE17FB48-06AA-4275-9F3A-0CF008C9C86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "39F81F64-CCF2-4CB1-9504-153267839BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1244EA-78F7-4501-9E42-52C77CE37963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD0661-41FA-4F89-A1D8-C50BE232D36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC87263-68E3-4BF8-8ED7-C40CC2F8CE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2298A972-5CF9-477E-997D-8CD8CF7C68C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "429897EE-A2AB-4D53-91DE-14419270C387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46DF9D9B-F5DC-48B9-9C63-BE3B61CBD30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7014696F-318B-42DE-BD9A-881B6E849EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0899FE78-4E32-4D6A-AFE5-59D8DDA4DEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3E4A96-731B-46AA-B686-777841BC31C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F1B7BB-F623-49A9-86BD-F55F8CE4698E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "34F5B9AE-C086-43C0-AE0D-A7E1AF0EA4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE35E75-315C-472B-B8C3-4E9AF9C5421F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "360EFC8C-6FD2-48B1-A3E9-C16867B05F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F42DB1A7-3DD3-48FE-9B0B-48866ACAB861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "478385F1-2EB7-45D4-BBCC-D0EAA0F1A793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1EB3201A-180F-49D9-8436-7D3181A5B40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97E35964-8D47-4146-AF91-C5EC0A8E1801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "01076190-7FDF-4A9C-99C9-A1F153BFFA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6EBF05-F0C6-4B36-8B5E-BF1793364AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE1BB71-C1E8-4957-B5A6-E7B24A3FEC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BD415B94-A1DA-4483-8F39-56BDF805A7DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAC5594-43BE-4DA4-9420-C070F6C5C77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCA2A46-50CD-4C31-836C-F9D922810D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F13A190-1F97-4D7B-826A-E976934AE82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27770F28-584A-48E1-B885-6C6D17F546ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C177DF32-F356-483C-82E5-8FCC68D89A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9461C-A049-48EC-BB3E-FD3212C82795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7EF330-714D-42E4-A2CF-406B84F3945B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language=\"php\" attribute of a SCRIPT element."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n Eval en la clase HttpCache en HttpKernel en Symfony 2.x anterior a 2.3.27, 2.4.x y 2.5.x anterior a 2.5.11, y 2.6.x anterior a 2.6.6 permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s de un atributo language=\u0027php\u0027 de un elemento SCRIPT."
}
],
"id": "CVE-2015-2308",
"lastModified": "2024-11-21T02:27:11.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-24T10:59:01.103",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN19578958/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75357"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-2308-esi-code-injection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN19578958/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2015-2308-esi-code-injection"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:43
Severity ?
Summary
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A522BA0-3568-4D2B-8764-34B256AF1FA9",
"versionEndExcluding": "2.7.48",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA7D5E-712A-4D9D-B65D-E0C8646898A3",
"versionEndExcluding": "2.8.41",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5417E6-35FB-4B1B-81DB-A969647DE21B",
"versionEndExcluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B331F8-E8ED-4144-A97A-ACD5B2718134",
"versionEndExcluding": "3.4.11",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E284F91-DBE1-4250-BD1E-ACAFE38D1CD4",
"versionEndExcluding": "4.0.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652."
},
{
"lang": "es",
"value": "Los gestores de seguridad en el componente Security en Symfony en versiones 2.7.x anteriores a la 2.7.48, versiones 2.8.x anteriores a la 2.8.41, versiones 3.3.x anteriores a la 3.3.17, versiones 3.4.x anteriores a la 3.4.11 y versiones 4.0.x anteriores a la 4.0.11 tienen una vulnerabilidad de redirecci\u00f3n abierta cuando security.http_utils ha sido insertado por un contenedor. NOTA: este problema existe debido a una soluci\u00f3n incompleta para CVE-2017-16652."
}
],
"id": "CVE-2018-11408",
"lastModified": "2024-11-21T03:43:18.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:01.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-13 16:15
Modified
2024-11-21 05:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB740DF-3B50-4D03-8C88-136F0ED45E9A",
"versionEndExcluding": "3.4.48",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9FB0C5-08F0-4D7D-B9B1-0D6347A04E63",
"versionEndExcluding": "4.4.23",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80C5BB06-3309-4F71-8AC9-5567AB0E3149",
"versionEndExcluding": "5.2.8",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables.\u0026#xa0;La capacidad de enumerar a los usuarios fue posible sin los permisos pertinentes debido al manejo diferente dependiendo de si el usuario exist\u00eda o no al intentar usar la funcionalidad switch users.\u0026#xa0;Ahora nos aseguramos de que los 403 sean retornados independientemente de que el usuario exista o no si un usuario no puede cambiar a un usuario o si el usuario no existe.\u0026#xa0;El parche para este problema est\u00e1 disponible para la rama 3.4"
}
],
"id": "CVE-2021-21424",
"lastModified": "2024-11-21T05:48:20.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-13T16:15:07.777",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-06 21:29
Modified
2024-11-21 03:16
Severity ?
Summary
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a "FileType" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, "file:///etc/passwd"). If the application did not perform any additional checks about the value submitted to the "FileType", the contents of the given file on the server could have been exposed to the attacker.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files | Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4262 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B84DB7E-B758-4D6A-B10B-AE602F172EC0",
"versionEndIncluding": "2.7.37",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE14BFC-CE4D-4BCB-8179-53243E6657E9",
"versionEndIncluding": "2.8.30",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E4D371-1EC1-49A7-BED2-F9C36E8C5BB4",
"versionEndIncluding": "3.2.13",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49BB635A-5911-4DB0-A75C-D73EBC772283",
"versionEndIncluding": "3.3.12",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a \"FileType\" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, \"file:///etc/passwd\"). If the application did not perform any additional checks about the value submitted to the \"FileType\", the contents of the given file on the server could have been exposed to the attacker."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Symfony en versiones anteriores a la 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5 y 4.0-BETA5. Cuando un usuario env\u00eda un formulario, las clases del manipulador de petici\u00f3n del componente Form combinan los datos POST y suben los archivos en un array. Este array grande forma los datos que se enlazan al formulario. En este punto, ya no hay diferencias entre los datos POST enviados y los archivos subidos. Un usuario puede enviar una petici\u00f3n HTTP manipulada donde el valor de un \"FileType\" se env\u00eda como datos POST normales que podr\u00edan ser interpretados como ruta de archivo local del lado del servidor (por ejemplo, \"file:///etc/passwd\"). Si la aplicaci\u00f3n no realiza comprobaciones adicionales sobre el valor enviado a \"FileType\", el contenido del archivo dado en el servidor podr\u00eda haberse expuesto al atacante."
}
],
"id": "CVE-2017-16790",
"lastModified": "2024-11-21T03:16:58.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-06T21:29:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-24 19:15
Modified
2024-11-21 06:25
Severity ?
Summary
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A678C35-5C92-4E2D-9AB4-6D59E4DDE3E0",
"versionEndExcluding": "4.4.35",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF30246A-DE78-4ECA-9FF7-48D48674FA33",
"versionEndExcluding": "5.3.12",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `\u0027` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `\u0027` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`."
},
{
"lang": "es",
"value": "Symfony/Serializer maneja la serializaci\u00f3n y deserializaci\u00f3n de estructuras de datos para Symfony, un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reusables. Symfony versiones 4.1.0 anteriores a 4.4.35 y versiones 5.0.0 anteriores a 5.3.12, son vulnerables a una inyecci\u00f3n de CSV, tambi\u00e9n se conoce como inyecci\u00f3n de f\u00f3rmulas. En Symfony 4.1, los mantenedores a\u00f1adieron la opci\u00f3n \"csv_escape_formulas\" en el \"CsvEncoder\", para prefijar todas las celdas que empiezan con \"=\", \"+\", \"-\" o \"@\" con un tabulador \"\\t\". Desde entonces, OWASP ha a\u00f1adido 2 caracteres en esa lista: Tabulador (0x09) y retorno de Carro (0x0D). Esto hace que el anterior car\u00e1cter de prefijo (Tab \"\\t\") forme parte de los caracteres vulnerables, y OWASP sugiere usar la comilla simple \"\u0027\" para prefijar el valor. A partir de las versiones 4.4.34 y 5.3.12, Symfony ahora sigue las recomendaciones de OWASP y usa la comilla simple \"\u0027\" para prefijar las f\u00f3rmulas y a\u00f1adir el prefijo a las celdas que empiezan por \"\\t\", \"\\r\" as\u00ed como \"=\", \"+\", \"-\" y \"@\""
}
],
"id": "CVE-2021-41270",
"lastModified": "2024-11-21T06:25:56.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2021-11-24T19:15:07.887",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-18 22:29
Modified
2024-11-21 03:58
Severity ?
Summary
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 28 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C920A156-6069-4228-8566-7E6702FEC963",
"versionEndExcluding": "2.7.50",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F566E2-4BE2-4EFD-9800-D29DE8E53886",
"versionEndExcluding": "2.8.49",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "934D9B80-E632-4996-9BF0-8D34C4CFD23F",
"versionEndExcluding": "3.4.20",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "377BBA51-611E-4146-898A-A103B511EA83",
"versionEndExcluding": "4.0.15",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F29F714-E604-43BF-9707-1AFD5E4D2F05",
"versionEndExcluding": "4.1.9",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F91E7F-D094-4C23-AF65-F8CA9F146006",
"versionEndExcluding": "4.2.1",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login."
},
{
"lang": "es",
"value": "Se ha descubierto una redirecci\u00f3n abierta en Symfony en versiones 2.7.x anteriores a la 2.7.50, versiones 2.8.x anteriores a la 2.8.49, versiones 3.x anteriores a la 3.4.20, versiones 4.0.x anteriores a la 4.0.15, versiones 4.1.x anteriores a la 4.1.9 y versiones 4.2.x anteriores a la 4.2.1. Mediante el uso de barras invertidas en el campo de entrada \"_failure_path\" de los formularios de inicio de sesi\u00f3n, un atacante puede sortear las restricciones de destino de redirecci\u00f3n y redirigir de forma efectiva al usuario a cualquier dominio una vez ha iniciado sesi\u00f3n."
}
],
"id": "CVE-2018-19790",
"lastModified": "2024-11-21T03:58:33.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-18T22:29:05.040",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2019/dsa-4441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:43
Severity ?
Summary
An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A522BA0-3568-4D2B-8764-34B256AF1FA9",
"versionEndExcluding": "2.7.48",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA7D5E-712A-4D9D-B65D-E0C8646898A3",
"versionEndExcluding": "2.8.41",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5417E6-35FB-4B1B-81DB-A969647DE21B",
"versionEndExcluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B331F8-E8ED-4144-A97A-ACD5B2718134",
"versionEndExcluding": "3.4.11",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E284F91-DBE1-4250-BD1E-ACAFE38D1CD4",
"versionEndExcluding": "4.0.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en el componente HttpFoundation en Symfony en versiones 2.7.x anteriores a la 2.7.48, versiones 2.8.x anteriores a la 2.8.41, versiones 3.3.x anteriores a la 3.3.17, versiones 3.4.x anteriores a la 3.4.11 y versiones 4.0.x anteriores a la 4.0.11. La clase PDOSessionHandler permite el almacenamiento de sesiones en una conexi\u00f3n PDO. En algunas configuraciones y con una carga \u00fatil bien manipulada, es posible realizar una denegaci\u00f3n de servicio (DoS) en una aplicaci\u00f3n Symfony sin demasiados recursos."
}
],
"id": "CVE-2018-11386",
"lastModified": "2024-11-21T03:43:16.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:00.627",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-10 18:15
Modified
2024-11-21 08:29
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | twig | * | |
| sensiolabs | twig | * | |
| sensiolabs | twig | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E6FF3A-7682-47C6-B439-774B3DA06B3D",
"versionEndExcluding": "4.4.51",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9BA65C-8E14-45F4-BAC9-1795DC79CF7E",
"versionEndExcluding": "5.4.31",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0056B4D3-0C63-467F-A308-EB5DEE894B85",
"versionEndExcluding": "6.3.8",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E9CF24-819A-4931-ADE3-43B3D40C5729",
"versionEndExcluding": "4.4.51",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BFC997-132A-410E-A7B3-9D0A29F652A3",
"versionEndExcluding": "5.4.31",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2E5E40-A851-4699-A7E0-6CDCE5849369",
"versionEndExcluding": "6.3.8",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
},
{
"lang": "es",
"value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de las versiones 2.0.0, 5.0.0 y 6.0.0 y anteriores a las versiones 4.4.51, 5.4.31 y 6.3.8, algunos filtros Twig en CodeExtension usan `is_safe=html` pero en realidad no garantizan su la entrada es segura. A partir de las versiones 4.4.51, 5.4.31 y 6.3.8, Symfony ahora escapa a la salida de los filtros afectados."
}
],
"id": "CVE-2023-46734",
"lastModified": "2024-11-21T08:29:11.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-10T18:15:09.360",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:43
Severity ?
Summary
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A522BA0-3568-4D2B-8764-34B256AF1FA9",
"versionEndExcluding": "2.7.48",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA7D5E-712A-4D9D-B65D-E0C8646898A3",
"versionEndExcluding": "2.8.41",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5417E6-35FB-4B1B-81DB-A969647DE21B",
"versionEndExcluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B331F8-E8ED-4144-A97A-ACD5B2718134",
"versionEndExcluding": "3.4.11",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E284F91-DBE1-4250-BD1E-ACAFE38D1CD4",
"versionEndExcluding": "4.0.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user\u0027s session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en el componente Security en Symfony en versiones 2.7.x anteriores a la 2.7.48, versiones 2.8.x anteriores a la 2.8.41, versiones 3.3.x anteriores a la 3.3.17, versiones 3.4.x anteriores a la 3.4.11 y versiones 4.0.x anteriores a la 4.0.11. Por defecto, la sesi\u00f3n de un usuario se invalida cuando el usuario cierra sesi\u00f3n. Este comportamiento puede deshabilitarse mediante la opci\u00f3n invalidate_session. En este caso los tokens CSRF no se eliminaban durante el cierre de sesi\u00f3n, lo que permit\u00eda la fijaci\u00f3n de tokens CSRF."
}
],
"id": "CVE-2018-11406",
"lastModified": "2024-11-21T03:43:17.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:00.813",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11406-csrf-token-fixation"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:16
Severity ?
Summary
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "825CCE18-2656-4AE2-B7B1-61F62FD3F36B",
"versionEndExcluding": "2.7.38",
"versionStartExcluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05D2DF8E-04EA-4970-BF77-9C53144F794F",
"versionEndExcluding": "2.8.31",
"versionStartExcluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "520D5A73-8A5B-4BAE-8F6B-EDC2DF522D88",
"versionEndExcluding": "3.2.14",
"versionStartExcluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "102C3897-59F3-42E8-9771-B0CC8709681B",
"versionEndExcluding": "3.3.13",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Symfony en versiones 2.7.x anteriores a la 2.7.38, versiones 2.8.x anteriores a la 2.8.31, versiones 3.2.x anteriores a la 3.2.14 y versiones 3.3.x anteriores a la 3.3.13. DefaultAuthenticationSuccessHandler o DefaultAuthenticationFailureHandler toman el contenido del par\u00e1metro _target_path y generan una respuesta de redirecci\u00f3n, pero no se realiza una comprobaci\u00f3n de ruta, que puede ser una URL absoluta o un dominio externo. Esta vulnerabilidad de redirecci\u00f3n abierta puede ser explotada, por ejemplo, para realizar ataques de phishing efectivos."
}
],
"id": "CVE-2017-16652",
"lastModified": "2024-11-21T03:16:46.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:00.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-24 19:15
Modified
2024-11-21 06:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13AF17F8-5CAF-4AB6-9A17-131D76C8D57B",
"versionEndExcluding": "5.3.12",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore."
},
{
"lang": "es",
"value": "Symfony/SecurityBundle es el sistema de seguridad de Symfony, un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reusables. Desde la revisi\u00f3n de la cookie Remember me en la versi\u00f3n 5.3.0, la cookie no es invalidada cuando el usuario cambia su contrase\u00f1a. Por lo tanto, los atacantes pueden mantener su acceso a la cuenta aunque se cambie la contrase\u00f1a, siempre y cuando hayan tenido la oportunidad de iniciar sesi\u00f3n una vez y conseguir una cookie remember me v\u00e1lida. A partir de la versi\u00f3n 5.3.12, Symfony hace que la contrase\u00f1a sea parte de la firma por defecto. De esta forma, cuando la contrase\u00f1a cambia, la cookie deja de ser v\u00e1lida"
}
],
"id": "CVE-2021-41268",
"lastModified": "2024-11-21T06:25:55.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-24T19:15:07.817",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-07 19:55
Modified
2024-11-21 01:39
Severity ?
Summary
Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.0 | |
| sensiolabs | symfony | 1.4.1 | |
| sensiolabs | symfony | 1.4.2 | |
| sensiolabs | symfony | 1.4.3 | |
| sensiolabs | symfony | 1.4.4 | |
| sensiolabs | symfony | 1.4.5 | |
| sensiolabs | symfony | 1.4.6 | |
| sensiolabs | symfony | 1.4.7 | |
| sensiolabs | symfony | 1.4.8 | |
| sensiolabs | symfony | 1.4.9 | |
| sensiolabs | symfony | 1.4.10 | |
| sensiolabs | symfony | 1.4.11 | |
| sensiolabs | symfony | 1.4.12 | |
| sensiolabs | symfony | 1.4.13 | |
| sensiolabs | symfony | 1.4.14 | |
| sensiolabs | symfony | 1.4.15 | |
| sensiolabs | symfony | 1.4.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2CC4DC-C123-4285-BFD2-3AA0ED61F575",
"versionEndIncluding": "1.4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F1040D-AFBA-4A73-AC13-8504A0625AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "84094B27-A701-4978-91D7-587AF314B6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "79B1B57C-DE96-4ECB-AD92-F52667FC4E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78201955-7DCB-4FA2-B745-67DDE420BB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4680367-B5EA-4593-8F72-0E4C1EAA30AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B4301-FF9E-4C02-8E0F-42C25831EC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4C4F47-4DEB-45A0-BD05-245079D1A914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3356E269-D119-4130-92A5-A8DBA0FAB738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D5B3-00CE-4A86-9063-14B150CB973A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC37A5-5ABA-4A1B-9CF8-E10D74B603C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC08043-3427-4F2F-BE15-9800AD5DE6B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2E73B1AE-6AAE-4862-89D5-E58F3FEF474F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "82BF2472-CD81-4578-8FE4-52BEF395FD8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2143A607-79CE-4D2D-BE8E-3F3F164733B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A59CD0-89BC-461C-B7D7-74CB94C2EF15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3197A9BD-E102-4397-932F-BB3ED97937AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEB7732-879C-4C82-82F4-89C4D37A53C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "729995D3-4D28-4ECF-9A2B-61EF87F8A766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1BCCFEAB-1CBE-4EF6-9DB0-D614D349A6E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified \"database backed session classes.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en lib/user/sfBasicSecurityUser.class.php en SensioLabs Symfony antes de v1.4.18 permite a atacantes remotos secuestrar sesiones web a trav\u00e9s de vectores relacionados con el m\u00e9todo \u0027regenerate\u0027 y \"clases de sesi\u00f3n de respaldo de base de datos\" no especificadas."
}
],
"id": "CVE-2012-2667",
"lastModified": "2024-11-21T01:39:24.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-06-07T19:55:09.353",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-18-released"
},
{
"source": "secalert@redhat.com",
"url": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/06/04/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/06/05/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/53776"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/49312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-1-4-18-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/06/04/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/06/05/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76027"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-02 17:15
Modified
2024-11-21 01:56
Severity ?
Summary
Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D93035E-4F64-4677-9978-AF215722FB80",
"versionEndExcluding": "2.0.24",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FED8794-0F9A-4CE9-B8B5-AB7E33DC24BA",
"versionEndExcluding": "2.1.12",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB924336-0F19-47BF-B646-3E56620963C2",
"versionEndExcluding": "2.2.5",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB9E600-3269-463B-9E2A-6C883C295856",
"versionEndExcluding": "2.3.3",
"versionStartIncluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks."
},
{
"lang": "es",
"value": "Symfony versiones 2.0.X anteriores a 2.0.24, versiones 2.1.X anteriores a 2.1.12, versiones 2.2.X anteriores a 2.2.5 y versiones 2.3.X anteriores a 2.3.3, tienen un problema en el componente HttpFoundation. El atacante puede manipular el encabezado del host cuando el framework est\u00e1 generando una URL absoluta. Un atacante remoto podr\u00eda explotar esta vulnerabilidad para inyectar contenido malicioso en la p\u00e1gina de la aplicaci\u00f3n Web y dirigir varios ataques."
}
],
"id": "CVE-2013-4752",
"lastModified": "2024-11-21T01:56:18.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-02T17:15:10.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61715"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86374"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-01 22:59
Modified
2024-11-21 02:47
Severity ?
Summary
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | 2.6.0 | |
| sensiolabs | symfony | 2.6.1 | |
| sensiolabs | symfony | 2.6.2 | |
| sensiolabs | symfony | 2.6.3 | |
| sensiolabs | symfony | 2.6.4 | |
| sensiolabs | symfony | 2.6.5 | |
| sensiolabs | symfony | 2.6.6 | |
| sensiolabs | symfony | 2.6.7 | |
| sensiolabs | symfony | 2.6.8 | |
| sensiolabs | symfony | 2.6.9 | |
| sensiolabs | symfony | 2.6.10 | |
| sensiolabs | symfony | 2.6.11 | |
| sensiolabs | symfony | 2.6.12 | |
| sensiolabs | symfony | 2.7.0 | |
| sensiolabs | symfony | 2.7.1 | |
| sensiolabs | symfony | 2.7.2 | |
| sensiolabs | symfony | 2.7.3 | |
| sensiolabs | symfony | 2.7.4 | |
| sensiolabs | symfony | 2.7.5 | |
| sensiolabs | symfony | 2.7.6 | |
| sensiolabs | symfony | 2.7.7 | |
| sensiolabs | symfony | 2.7.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87FE6482-55B8-4311-A67B-97C12626B3BF",
"versionEndIncluding": "2.3.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F13A190-1F97-4D7B-826A-E976934AE82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27770F28-584A-48E1-B885-6C6D17F546ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D52659E-1F0D-4319-A986-9BA512995C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C177DF32-F356-483C-82E5-8FCC68D89A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9461C-A049-48EC-BB3E-FD3212C82795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7EF330-714D-42E4-A2CF-406B84F3945B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2D86A4FF-9BD2-4B3D-A2CE-E9200A4EC690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D6667BA-5A82-480B-AD9B-0E4CD0188458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFF0C34-4474-448B-8402-F9F7E6E1BA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA6C319-AE4B-419F-BCAD-57D8ACF83EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "00E132C9-F809-4AD9-959B-FFA8CB92780D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE3955-422A-4E81-9B81-4C2484E5C335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "26EA6AA5-619A-4511-B2F6-4F1BA359FFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCF4EF8-5251-46B4-9B53-44783CD82082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A03AAA02-DB58-42C5-B4A6-C2608CDB7123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DA4FA9-AED8-4CCB-85E4-6D0BF6776FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32021069-B447-40B2-BBF9-0D2CFDE8ECC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "38F01C2E-5A1B-441A-B58C-C450AA1C1410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "660AA98C-4E93-4D8B-A4EC-A94E24DCDB9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "388F9E94-C2C1-4010-97DA-B008E89D500F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F89AEFB-7D2C-46EF-B0FF-D8C1B636EB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6F1CF5-F8A5-43E2-B9C4-912A0583E558",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
},
{
"lang": "es",
"value": "La funci\u00f3n nextBytes en la clase SecureRandom en Symfony en versiones anteriores a 2.3.37, 2.6.x en versiones anteriores a 2.6.13 y 2.7.x en versiones anteriores a 2.7.9 no genera correctamente n\u00fameros aleatorios cuando es usado con PHP 5.x sin la biblioteca paragonie/random_compat y falla la funci\u00f3n openssl_random_pseudo_bytes, lo que hace m\u00e1s f\u00e1cil a los atacantes vencer los mecanismos de protecci\u00f3n de cifrado a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1902",
"lastModified": "2024-11-21T02:47:18.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T22:59:01.393",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3588"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/pull/17359"
},
{
"source": "cve@mitre.org",
"url": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/symfony/symfony/pull/17359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 22:29
Modified
2024-11-21 04:20
Severity ?
Summary
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4716654-1055-44B3-8E51-5BC0E739E0CB",
"versionEndExcluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF53486E-FAAC-40B3-82CE-4EDCD2C96690",
"versionEndExcluding": "3.4.26",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25A92454-6E0B-4BDE-8967-BB3E32125102",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53E58B92-6D5D-4949-B75F-687F52961FDA",
"versionEndExcluding": "4.2.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge."
},
{
"lang": "es",
"value": "En Symfony versi\u00f3n anterior a 2.8.50, versi\u00f3n 3.x anterior a 3.4.26, versi\u00f3n 4.x anterior a 4.1.12 y versi\u00f3n 4.2.x anterior a 4.2.7, es posible guardar en cach\u00e9 objetos que pueden contener informaci\u00f3n errada del usuario. En la serializaci\u00f3n o unserialization, esto podr\u00eda resultar en la eliminaci\u00f3n de archivos a los que el usuario actual tiene acceso. Esto est\u00e1 relacionado con Symfony/cache y Symfony/ phpunit-bridge."
}
],
"id": "CVE-2019-10912",
"lastModified": "2024-11-21T04:20:08.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T22:29:00.580",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized"
},
{
"source": "cve@mitre.org",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2019/dsa-4441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2019/dsa-4441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-16 22:29
Modified
2024-11-21 04:20
Severity ?
Summary
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec | Patch, Third Party Advisory | |
| cve@mitre.org | https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86884C0-A185-4CCF-AB21-1D1529AEDAED",
"versionEndExcluding": "2.7.51",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4716654-1055-44B3-8E51-5BC0E739E0CB",
"versionEndExcluding": "2.8.50",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF53486E-FAAC-40B3-82CE-4EDCD2C96690",
"versionEndExcluding": "3.4.26",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25A92454-6E0B-4BDE-8967-BB3E32125102",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53E58B92-6D5D-4949-B75F-687F52961FDA",
"versionEndExcluding": "4.2.7",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation."
},
{
"lang": "es",
"value": "En Symfony la versi\u00f3n anterior a 2.7.51, versi\u00f3n 2.8.x anterior a 2.8.50, versi\u00f3n 3.x anterior a 3.4.26, versi\u00f3n 4.x anterior a 4.1.12 y versi\u00f3n 4.2.x anterior a 4.2.7, los m\u00e9todos HTTP se proporcionan como verbos o usando el encabezado de anulaci\u00f3n pueden tratarse como entradas de confianza, pero no est\u00e1n validadas, lo que posiblemente provoque la inyecci\u00f3n de SQL o XSS. Esto est\u00e1 relacionado con Symfony/http-foundation."
}
],
"id": "CVE-2019-10913",
"lastModified": "2024-11-21T04:20:08.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-16T22:29:00.673",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-01 13:15
Modified
2024-11-21 01:56
Severity ?
Summary
php-symfony2-Validator has loss of information during serialization
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D93035E-4F64-4677-9978-AF215722FB80",
"versionEndExcluding": "2.0.24",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FED8794-0F9A-4CE9-B8B5-AB7E33DC24BA",
"versionEndExcluding": "2.1.12",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB924336-0F19-47BF-B646-3E56620963C2",
"versionEndExcluding": "2.2.5",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB9E600-3269-463B-9E2A-6C883C295856",
"versionEndExcluding": "2.3.3",
"versionStartIncluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "php-symfony2-Validator has loss of information during serialization"
},
{
"lang": "es",
"value": "php-symfony2-Validator, presenta una perdida de informaci\u00f3n durante la serializaci\u00f3n"
}
],
"id": "CVE-2013-4751",
"lastModified": "2024-11-21T01:56:18.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-01T13:15:11.433",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61709"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-03 17:29
Modified
2024-11-21 03:49
Severity ?
Summary
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F1C03F-7091-4ECC-8DAB-646D12E07EBE",
"versionEndIncluding": "2.7.48",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9158CA7-0193-4342-9A09-126D8F667591",
"versionEndIncluding": "2.8.43",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "933F48FF-3D58-455A-85D5-563A5C454020",
"versionEndIncluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09200F9D-A68B-4322-9626-7A869EC1E18A",
"versionEndIncluding": "3.4.13",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77747DC8-9E86-4619-A98F-CAC8BF7BA7B7",
"versionEndIncluding": "4.0.13",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0261DC21-9664-4D09-AE19-632C0D083D48",
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en HttpKernel en Symfony, desde la versi\u00f3n 2.7.0 hasta la 2.7.48, desde la versi\u00f3n 2.8.0 hasta la 2.8.43, desde la versi\u00f3n 3.3.0 hasta la 3.3.17, desde la versi\u00f3n 3.4.0 hasta la 3.4.13, desde la versi\u00f3n 4.0.0 hasta la 4.0.13 y desde la versi\u00f3n 4.1.0 hasta la 4.1.2. Al emplear HttpCache, los valores de las cabeceras X-Forwarded-Host se asignan impl\u00edcitamente como fiables, aunque deber\u00eda estar prohibido, lo que conduce a una potencial inyecci\u00f3n de cabeceras host."
}
],
"id": "CVE-2018-14774",
"lastModified": "2024-11-21T03:49:45.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-03T17:29:00.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/725dee4cd8b4ccd52e335ae4b4522242cea9bd4a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-07 17:59
Modified
2024-11-21 02:48
Severity ?
Summary
Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.8.0 | |
| sensiolabs | symfony | 2.8.1 | |
| sensiolabs | symfony | 2.8.2 | |
| sensiolabs | symfony | 2.8.3 | |
| sensiolabs | symfony | 2.8.4 | |
| sensiolabs | symfony | 2.8.5 | |
| sensiolabs | symfony | 3.0.0 | |
| sensiolabs | symfony | 3.0.1 | |
| sensiolabs | symfony | 3.0.2 | |
| sensiolabs | symfony | 3.0.3 | |
| sensiolabs | symfony | 3.0.4 | |
| sensiolabs | symfony | 3.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01C2E25-6FEE-49C8-A9D8-F4935A0F915E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68869331-57A0-451D-9888-32643537B736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3598D2C0-4AB1-4C4F-98ED-2862E7C42497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9F100F2F-EB9F-41E3-AB84-49E49A61C728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "135156B2-2ADF-4127-A4F1-309FB99868B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AABE15FF-B488-49D6-B284-89ECE1C2E54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D07C355A-FF00-44DF-A899-B727DAEBB83F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "235F1F79-E3FB-452C-98E3-A3D978CC9819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC270EEB-02CC-4960-9F3D-41AB86636864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1570191-3967-4C89-B7B3-07C4FC369C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC56E52-31DB-4B3C-8E07-B7358079DEC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CE067114-08AF-46F0-8F46-1485C93A8857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind."
},
{
"lang": "es",
"value": "Symfony en versiones anteriores a 2.8.6 y 3.x en versiones anteriores a 3.0.6 permite a atacantes remotos eludir la autenticaci\u00f3n mediante el inicio de sesi\u00f3n con un nombre de usuario v\u00e1lido y una contrase\u00f1a vac\u00eda, lo que desencadena una uni\u00f3n no autenticada."
}
],
"id": "CVE-2016-2403",
"lastModified": "2024-11-21T02:48:23.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-07T17:59:00.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96137"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 22:29
Modified
2024-11-21 03:44
Severity ?
Summary
Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/542071/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/542071/100/0/threaded | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 3.3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D0F06-DDD6-4E64-9047-A3FF019EFCA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the \"file\" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states \"The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don\u0027t handle those issues as security issues)."
},
{
"lang": "es",
"value": "** EN DISPUTA ** Vulnerabilidad de Cross-Site Scripting (XSS) reflejado en el generador de perfiles web en Symfony 3.3.6, de SensioLabs, permite que atacantes remotos inyecten scripts web o HTML mediante el par\u00e1metro \"file\". Esto tambi\u00e9n se conoce como URI _profiler/open?file=. NOTA: el fabricante indica que \"el XSS ... est\u00e1 en el generador de perfiles web, una herramienta que nunca deber\u00eda implementarse en producci\u00f3n (por lo que no gestionamos estos problemas como problemas de seguridad)\"."
}
],
"id": "CVE-2018-12040",
"lastModified": "2024-11-21T03:44:28.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T22:29:00.550",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/542071/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148125/SensioLabs-Symfony-3.3.6-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/542071/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-24 19:15
Modified
2024-11-21 06:25
Severity ?
Summary
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A20B5C-F577-4E27-90BD-CB0689E7C602",
"versionEndExcluding": "5.3.12",
"versionStartIncluding": "5.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the \"trusted_headers\" allowed list are ignored and protect users from \"Cache poisoning\" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the \"trusted_headers\" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted."
},
{
"lang": "es",
"value": "Symfony/Http-Kernel es el componente del n\u00facleo HTTP de Symfony, un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reusables. Los encabezados que no forman parte de la lista permitida \"trusted_headers\" son ignoradas y protegen a los usuarios de ataques de \"Cache poisoning\". En Symfony versi\u00f3n 5.2, los mantenedores a\u00f1adieron soporte para los encabezados \"X-Forwarded-Prefix\", pero este encabezado era accesible en SubRequest, incluso si no era parte de la lista permitida \"trusted_headers\". Un atacante podr\u00eda aprovechar esta oportunidad para falsificar peticiones que contengan un encabezado \"X-Forwarded-Prefix\", conllevando aun problema de envenenamiento de la cach\u00e9 web. Las versiones 5.3.12 y posteriores presentan un parche para asegurar que el encabezado \"X-Forwarded-Prefix\" no es reenviado a las subpeticiones cuando no es confiable"
}
],
"id": "CVE-2021-41267",
"lastModified": "2024-11-21T06:25:55.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2021-11-24T19:15:07.737",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-444"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-02 15:55
Modified
2024-11-21 01:49
Severity ?
Summary
The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | 2.0.0 | |
| sensiolabs | symfony | 2.0.1 | |
| sensiolabs | symfony | 2.0.2 | |
| sensiolabs | symfony | 2.0.3 | |
| sensiolabs | symfony | 2.0.4 | |
| sensiolabs | symfony | 2.0.5 | |
| sensiolabs | symfony | 2.0.6 | |
| sensiolabs | symfony | 2.0.7 | |
| sensiolabs | symfony | 2.0.8 | |
| sensiolabs | symfony | 2.0.9 | |
| sensiolabs | symfony | 2.0.10 | |
| sensiolabs | symfony | 2.0.11 | |
| sensiolabs | symfony | 2.0.12 | |
| sensiolabs | symfony | 2.0.13 | |
| sensiolabs | symfony | 2.0.14 | |
| sensiolabs | symfony | 2.0.15 | |
| sensiolabs | symfony | 2.0.16 | |
| sensiolabs | symfony | 2.0.17 | |
| sensiolabs | symfony | 2.0.18 | |
| sensiolabs | symfony | 2.0.19 | |
| sensiolabs | symfony | 2.0.20 | |
| sensiolabs | symfony | 2.0.21 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379F1431-3466-4263-8C02-D6541E593F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBEC708-96A2-43DD-88C0-9407ABB6D4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B52BED-2996-4C96-A348-98A8C72C8EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6279E7-F362-4C13-A965-908BCF9C30E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A101B27-9AE7-4C04-80BC-03A981217782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3360BFF1-89ED-4294-A503-835C9C40C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE78FEA0-42E8-463C-9C7C-C778F712BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5CEE9C-822C-491F-841C-218AA21C0AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "822F9083-5542-41AA-B9FA-1B43DE633340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "165F68AE-AB34-4C20-88C6-56210548242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B13BE7AA-72FD-402D-8919-BC5F23D03EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1B511-5EBC-4301-A561-AE15B63DFC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF62D2D-2D62-4F15-83CD-F635DC838031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A8431-356C-498F-AAEA-EC8D05D74877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E53A27F2-9C3D-4670-BE1E-A1F6994EF1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18DEB929-6B35-488B-80BF-70448BF7A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB03E2D-F137-4CBA-887D-D1461735C958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D37175A7-C937-4758-8EED-BE24C43AA115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EF598F-F8F6-4980-BC76-C2FAF8FE7AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CD1432-1C91-4DFE-86E0-E5E97775A425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "768F171C-3625-4696-ACEC-A10FA70F6BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "55B048CA-DDD8-473A-88D5-1AA36B134F1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397."
},
{
"lang": "es",
"value": "La funci\u00f3n Yaml::parse en Symfony 2.0.x anterior a 2.0.22 permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s de un archivo PHP, una vulnerabilidad diferente a CVE-2013-1397."
}
],
"id": "CVE-2013-1348",
"lastModified": "2024-11-21T01:49:24.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-02T15:55:08.433",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/51980"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81550"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 16:29
Modified
2024-11-21 03:43
Severity ?
Summary
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| fedoraproject | fedora | 28 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A522BA0-3568-4D2B-8764-34B256AF1FA9",
"versionEndExcluding": "2.7.48",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA7D5E-712A-4D9D-B65D-E0C8646898A3",
"versionEndExcluding": "2.8.41",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5417E6-35FB-4B1B-81DB-A969647DE21B",
"versionEndExcluding": "3.3.17",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B331F8-E8ED-4144-A97A-ACD5B2718134",
"versionEndExcluding": "3.4.11",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E284F91-DBE1-4250-BD1E-ACAFE38D1CD4",
"versionEndExcluding": "4.0.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the \"Guard\" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en el componente Security en Symfony en versiones 2.7.x anteriores a la 2.7.48, versiones 2.8.x anteriores a la 2.8.41, versiones 3.3.x anteriores a la 3.3.17, versiones 3.4.x anteriores a la 3.4.11 y versiones 4.0.x anteriores a la 4.0.11. Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en la caracter\u00edstica de inicio de sesi\u00f3n \"Guard\" podr\u00eda permitir que un atacante suplante a una v\u00edctima en la aplicaci\u00f3n web si el valor de ID de sesi\u00f3n ya era anteriormente conocido para el atacante."
}
],
"id": "CVE-2018-11385",
"lastModified": "2024-11-21T03:43:16.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T16:29:00.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4262"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-30 20:15
Modified
2024-11-21 05:33
Severity ?
2.6 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sensiolabs | symfony | * | |
| sensiolabs | symfony | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95F04BAB-4B76-4142-B000-67FA0A9F73F4",
"versionEndExcluding": "4.4.7",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A656BCAC-1974-4E5D-B7E3-4162A6153A4B",
"versionEndExcluding": "5.0.7",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response\u0026#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7."
},
{
"lang": "es",
"value": "En Symfony en versiones anteriores a las versiones 4.4.7 y 5.0.7, cuando una \"Response\" no contiene un encabezado \"Content-Type\", las versiones afectadas de Symfony pueden retroceder al formato definido en el encabezado \"Accept\" de la petici\u00f3n, conllevando a una posible falta de coincidencia entre el contenido response\u0027s y el encabezado \"Content-Type\". Cuando la respuesta es almacenada en cach\u00e9, esto puede impedir el uso del sitio web por otros usuarios. Esto ha sido parcheado en las versiones 4.4.7 y 5.0.7."
}
],
"id": "CVE-2020-5255",
"lastModified": "2024-11-21T05:33:46.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-30T20:15:19.570",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-435"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}