All the vulnerabilites related to symfony - symfony
cve-2020-5274
Vulnerability from cvelistv5
Published
2020-03-30 19:40
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
Exceptions displayed in non-debug configurations in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.4.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T19:40:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
],
"source": {
"advisory": "GHSA-m884-279h-32v2",
"discovery": "UNKNOWN"
},
"title": "Exceptions displayed in non-debug configurations in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5274",
"STATE": "PUBLIC",
"TITLE": "Exceptions displayed in non-debug configurations in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0.0, \u003c 4.4.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.5"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209: Generation of Error Message Containing Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m884-279h-32v2"
},
{
"name": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db"
},
{
"name": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad"
}
]
},
"source": {
"advisory": "GHSA-m884-279h-32v2",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5274",
"datePublished": "2020-03-30T19:40:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24894
Vulnerability from cvelistv5
Published
2023-02-03 21:46
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
Symfony storing cookie headers in HttpCache
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"name": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.50"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.20"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.20"
},
{
"status": "affected",
"version": "\u003e= 6.1.0, \u003c 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.2.0, \u003c 6.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim\u0027s session. This issue has been patched and is available for branch 4.4.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T21:46:23.702Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv"
},
{
"name": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-h7vf-5wrv-9fhv",
"discovery": "UNKNOWN"
},
"title": "Symfony storing cookie headers in HttpCache"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24894",
"datePublished": "2023-02-03T21:46:23.702Z",
"dateReserved": "2022-02-10T16:41:34.956Z",
"dateUpdated": "2024-08-03T04:29:01.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50341
Vulnerability from cvelistv5
Published
2024-11-06 21:06
Modified
2024-11-07 15:27
Severity ?
EPSS score ?
Summary
Security::login does not take into account custom user_checker in symfony/security-bundle
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:26:59.288534Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:27:06.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.2.0, \u003c 6.4.10"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.10"
},
{
"status": "affected",
"version": "\u003e= 7.1.0, \u003c 7.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. As of versions 6.4.10, 7.0.10 and 7.1.3 the `Security::login` method now ensure to call the configured `user_checker`. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:07:11.065Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v"
},
{
"name": "https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105"
}
],
"source": {
"advisory": "GHSA-jxgr-3v7q-3w9v",
"discovery": "UNKNOWN"
},
"title": "Security::login does not take into account custom user_checker in symfony/security-bundle"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50341",
"datePublished": "2024-11-06T21:06:49.426Z",
"dateReserved": "2024-10-22T17:54:40.955Z",
"dateUpdated": "2024-11-07T15:27:06.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24895
Vulnerability from cvelistv5
Published
2023-02-03 21:45
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
Symfony vulnerable to Session Fixation of CSRF tokens
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"name": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"name": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.50"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.20"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.20"
},
{
"status": "affected",
"version": "\u003e= 6.1.0, \u003c 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.2.0, \u003c 6.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T21:45:26.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m"
},
{
"name": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/security-bundle/commit/076fd2088ada33d760758d98ff07ddedbf567946"
},
{
"name": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4"
},
{
"name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-3gv2-29qc-v67m",
"discovery": "UNKNOWN"
},
"title": "Symfony vulnerable to Session Fixation of CSRF tokens"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24895",
"datePublished": "2023-02-03T21:45:26.887Z",
"dateReserved": "2022-02-10T16:41:34.956Z",
"dateUpdated": "2024-08-03T04:29:01.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5255
Vulnerability from cvelistv5
Published
2020-03-30 19:30
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
Prevent cache poisoning via a Response Content-Type header
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6 | x_refsource_MISC | |
| https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0 and \u003c 4.4.7"
},
{
"status": "affected",
"version": "\u003e= 5.0.0 and \u003c 5.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response\u0026#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-435",
"description": "CWE-435 Improper Interaction Between Multiple Correctly-Behaving Entities",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:06:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"source": {
"advisory": "GHSA-mcx4-f5f5-4859",
"discovery": "UNKNOWN"
},
"title": "Prevent cache poisoning via a Response Content-Type header",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5255",
"STATE": "PUBLIC",
"TITLE": "Prevent cache poisoning via a Response Content-Type header"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0 and \u003c 4.4.7"
},
{
"version_value": "\u003e= 5.0.0 and \u003c 5.0.7"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response\u0026#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-435 Improper Interaction Between Multiple Correctly-Behaving Entities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859"
},
{
"name": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6"
},
{
"name": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header",
"refsource": "MISC",
"url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header"
},
{
"name": "FEDORA-2020-fade6a8df7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
]
},
"source": {
"advisory": "GHSA-mcx4-f5f5-4859",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5255",
"datePublished": "2020-03-30T19:30:15",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-51736
Vulnerability from cvelistv5
Published
2024-11-06 20:51
Modified
2024-11-06 20:51
Severity ?
EPSS score ?
Summary
Command execution hijack on Windows with Process class in symfony/process
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q | x_refsource_MISC |
{
"containers": {
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.46"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.14"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing command arguments, leading to possible hijacking. This issue has been addressed in release versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T20:51:38.536Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q"
},
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q"
}
],
"source": {
"advisory": "GHSA-qq5c-677p-737q",
"discovery": "UNKNOWN"
},
"title": "Command execution hijack on Windows with Process class in symfony/process"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-51736",
"datePublished": "2024-11-06T20:51:38.536Z",
"dateReserved": "2024-10-31T14:12:45.788Z",
"dateUpdated": "2024-11-06T20:51:38.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-32693
Vulnerability from cvelistv5
Published
2021-06-17 22:40
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Authentication granted with multiple firewalls
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:31.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-17T22:40:11",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
],
"source": {
"advisory": "GHSA-rfcf-m67m-jcrq",
"discovery": "UNKNOWN"
},
"title": "Authentication granted with multiple firewalls",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32693",
"STATE": "PUBLIC",
"TITLE": "Authentication granted with multiple firewalls"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.2"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq"
},
{
"name": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129",
"refsource": "MISC",
"url": "https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129"
},
{
"name": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728"
},
{
"name": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one",
"refsource": "MISC",
"url": "https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one"
}
]
},
"source": {
"advisory": "GHSA-rfcf-m67m-jcrq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32693",
"datePublished": "2021-06-17T22:40:11",
"dateReserved": "2021-05-12T00:00:00",
"dateUpdated": "2024-08-03T23:25:31.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5275
Vulnerability from cvelistv5
Published
2020-03-30 19:45
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.7"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule\u0027s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-09T16:06:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
],
"source": {
"advisory": "GHSA-g4m9-5hpf-hx72",
"discovery": "UNKNOWN"
},
"title": "Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5275",
"STATE": "PUBLIC",
"TITLE": "Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.7"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.7"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule\u0027s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g4m9-5hpf-hx72"
},
{
"name": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf"
},
{
"name": "FEDORA-2020-fade6a8df7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/"
}
]
},
"source": {
"advisory": "GHSA-g4m9-5hpf-hx72",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5275",
"datePublished": "2020-03-30T19:45:14",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-51996
Vulnerability from cvelistv5
Published
2024-11-13 16:18
Modified
2024-11-13 18:49
Severity ?
EPSS score ?
Summary
Symphony has an Authentication Bypass via RememberMe
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-cg23-qf8f-62rr | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/81354d392c5f0b7a52bcbd729d6f82501e94135a | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:symphony_php_framework:symphony_process:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symphony_process",
"vendor": "symphony_php_framework",
"versions": [
{
"lessThanOrEqual": "5.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.4.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.0.0-BETA1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.4.15",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.0-BETA1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.1.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T18:49:11.199886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:49:31.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.4.47"
},
{
"status": "affected",
"version": "\u003e= 6.0.0-BETA1, \u003c 6.4.15"
},
{
"status": "affected",
"version": "\u003e= 7.0.0-BETA1, \u003c 7.1.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass. This vulnerability is fixed in 5.4.47, 6.4.15, and 7.1.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-289",
"description": "CWE-289: Authentication Bypass by Alternate Name",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T16:18:49.473Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-cg23-qf8f-62rr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-cg23-qf8f-62rr"
},
{
"name": "https://github.com/symfony/symfony/commit/81354d392c5f0b7a52bcbd729d6f82501e94135a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/81354d392c5f0b7a52bcbd729d6f82501e94135a"
}
],
"source": {
"advisory": "GHSA-cg23-qf8f-62rr",
"discovery": "UNKNOWN"
},
"title": "Symphony has an Authentication Bypass via RememberMe"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-51996",
"datePublished": "2024-11-13T16:18:49.473Z",
"dateReserved": "2024-11-04T17:46:16.776Z",
"dateUpdated": "2024-11-13T18:49:31.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46734
Vulnerability from cvelistv5
Published
2023-11-10 17:49
Modified
2024-09-03 15:36
Severity ?
EPSS score ?
Summary
Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:11:26.071140Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:36:18.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 4.4.51"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.4.31"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T21:37:51.250Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
},
{
"name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
},
{
"name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
}
],
"source": {
"advisory": "GHSA-q847-2q57-wmr3",
"discovery": "UNKNOWN"
},
"title": "Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46734",
"datePublished": "2023-11-10T17:49:55.188Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:36:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46733
Vulnerability from cvelistv5
Published
2023-11-10 17:09
Modified
2024-09-03 15:36
Severity ?
EPSS score ?
Summary
Symfony possible session fixation vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9 | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:20.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
},
{
"name": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"name": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:11:06.472668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:36:38.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.21, \u003c 5.4.31"
},
{
"status": "affected",
"version": "\u003e= 6.2.7, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn\u0027t change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T17:09:13.936Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
},
{
"name": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9"
},
{
"name": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74"
}
],
"source": {
"advisory": "GHSA-m2wj-r6g3-fxfx",
"discovery": "UNKNOWN"
},
"title": "Symfony possible session fixation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46733",
"datePublished": "2023-11-10T17:09:13.936Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:36:38.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41267
Vulnerability from cvelistv5
Published
2021-11-24 18:55
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Webcache Poisoning in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC | |
| https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the \"trusted_headers\" allowed list are ignored and protect users from \"Cache poisoning\" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the \"trusted_headers\" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:55:17",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
],
"source": {
"advisory": "GHSA-q3j3-w37x-hq2q",
"discovery": "UNKNOWN"
},
"title": "Webcache Poisoning in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41267",
"STATE": "PUBLIC",
"TITLE": "Webcache Poisoning in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.2.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the \"trusted_headers\" allowed list are ignored and protect users from \"Cache poisoning\" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the \"trusted_headers\" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-q3j3-w37x-hq2q"
},
{
"name": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487"
}
]
},
"source": {
"advisory": "GHSA-q3j3-w37x-hq2q",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41267",
"datePublished": "2021-11-24T18:55:17",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15094
Vulnerability from cvelistv5
Published
2020-09-02 17:35
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
RCE in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78 | x_refsource_MISC | |
| https://packagist.org/packages/symfony/symfony | x_refsource_MISC | |
| https://packagist.org/packages/symfony/http-kernel | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:22.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.13"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "{\"CWE-212\":\"Improper Removal of Sensitive Information Before Storage or Transfer\"}",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-25T18:06:43",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
],
"source": {
"advisory": "GHSA-754h-5r27-7x3r",
"discovery": "UNKNOWN"
},
"title": "RCE in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15094",
"STATE": "PUBLIC",
"TITLE": "RCE in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.13"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.1.5"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind (all HTTP calls come from a trusted backend in that scenario). But when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible. This has been fixed in versions 4.4.13 and 5.1.5."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "{\"CWE-212\":\"Improper Removal of Sensitive Information Before Storage or Transfer\"}"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r"
},
{
"name": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78"
},
{
"name": "https://packagist.org/packages/symfony/symfony",
"refsource": "MISC",
"url": "https://packagist.org/packages/symfony/symfony"
},
{
"name": "https://packagist.org/packages/symfony/http-kernel",
"refsource": "MISC",
"url": "https://packagist.org/packages/symfony/http-kernel"
},
{
"name": "FEDORA-2020-16eb328853",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VAQJXAKWPMWB7OL6QPG2ZSEQZYYPU5RC/"
},
{
"name": "FEDORA-2020-1c549262f1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HNGUWOEETOFVH4PN3I3YO4QZHQ4AUKF3/"
}
]
},
"source": {
"advisory": "GHSA-754h-5r27-7x3r",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15094",
"datePublished": "2020-09-02T17:35:15",
"dateReserved": "2020-06-25T00:00:00",
"dateUpdated": "2024-08-04T13:08:22.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23601
Vulnerability from cvelistv5
Published
2022-02-01 12:17
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
CSRF token missing in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "5.3.14"
},
{
"status": "affected",
"version": "5.4.3"
},
{
"status": "affected",
"version": "6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-01T12:17:35",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
],
"source": {
"advisory": "GHSA-vvmr-8829-6whx",
"discovery": "UNKNOWN"
},
"title": "CSRF token missing in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-23601",
"STATE": "PUBLIC",
"TITLE": "CSRF token missing in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.3.14",
"version_value": "5.3.14"
},
{
"version_affected": "=",
"version_name": "5.4.3",
"version_value": "5.4.3"
},
{
"version_affected": "=",
"version_name": "6.0.3",
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks. This issue has been resolved in the patch versions listed and users are advised to update. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-vvmr-8829-6whx"
},
{
"name": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50"
}
]
},
"source": {
"advisory": "GHSA-vvmr-8829-6whx",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23601",
"datePublished": "2022-02-01T12:17:35",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:43:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50343
Vulnerability from cvelistv5
Published
2024-11-06 21:00
Modified
2024-11-07 15:25
Severity ?
EPSS score ?
Summary
Incorrect response from Validator when input ends with `\n` in symfony/validator
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9 | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:25:47.383236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:25:56.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.43"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.11"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a regular expression using the `$` metacharacters, with an input ending with `\\n`. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the `D` regex modifier to match the entire input. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:00:55.266Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9"
},
{
"name": "https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f"
}
],
"source": {
"advisory": "GHSA-g3rh-rrhp-jhh9",
"discovery": "UNKNOWN"
},
"title": "Incorrect response from Validator when input ends with `\\n` in symfony/validator"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50343",
"datePublished": "2024-11-06T21:00:55.266Z",
"dateReserved": "2024-10-22T17:54:40.955Z",
"dateUpdated": "2024-11-07T15:25:56.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46735
Vulnerability from cvelistv5
Published
2023-11-10 17:58
Modified
2024-09-03 15:24
Severity ?
EPSS score ?
Summary
Symfony potential Cross-site Scripting in WebhookController
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
},
{
"name": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:14:14.893233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:24:36.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.3.0, \u003c 6.3.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn\u0027t return any user-submitted input in its response."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-10T17:58:18.136Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
},
{
"name": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962"
}
],
"source": {
"advisory": "GHSA-72x2-5c85-6wmr",
"discovery": "UNKNOWN"
},
"title": "Symfony potential Cross-site Scripting in WebhookController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46735",
"datePublished": "2023-11-10T17:58:18.136Z",
"dateReserved": "2023-10-25T14:30:33.752Z",
"dateUpdated": "2024-09-03T15:24:36.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41270
Vulnerability from cvelistv5
Published
2021-11-24 19:05
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
CSV Injection in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC | |
| https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.4.35"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `\u0027` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `\u0027` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-03T02:06:25",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
],
"source": {
"advisory": "GHSA-2xhg-w2g5-w95x",
"discovery": "UNKNOWN"
},
"title": "CSV Injection in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41270",
"STATE": "PUBLIC",
"TITLE": "CSV Injection in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.1.0, \u003c 4.4.35"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `\u0027` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `\u0027` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
},
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-2xhg-w2g5-w95x"
},
{
"name": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8"
},
{
"name": "FEDORA-2021-0294e8ca24",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QSREFD2TJT5LWKM6S4MD3W26NQQ5WJUP/"
},
{
"name": "FEDORA-2021-10fd47b32d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BPT4SF6SIXFMZARDWED5T32J7JEH3EP/"
}
]
},
"source": {
"advisory": "GHSA-2xhg-w2g5-w95x",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41270",
"datePublished": "2021-11-24T19:05:11",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-41268
Vulnerability from cvelistv5
Published
2021-11-24 18:55
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Cookie persistence in Symfony
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/pull/44243 | x_refsource_MISC | |
| https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc | x_refsource_MISC | |
| https://github.com/symfony/symfony/releases/tag/v5.3.12 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:55:12",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
],
"source": {
"advisory": "GHSA-qw36-p97w-vcqr",
"discovery": "UNKNOWN"
},
"title": "Cookie persistence in Symfony",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41268",
"STATE": "PUBLIC",
"TITLE": "Cookie persistence in Symfony"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "symfony",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.12"
}
]
}
}
]
},
"vendor_name": "symfony"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384: Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr",
"refsource": "CONFIRM",
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-qw36-p97w-vcqr"
},
{
"name": "https://github.com/symfony/symfony/pull/44243",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/pull/44243"
},
{
"name": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc"
},
{
"name": "https://github.com/symfony/symfony/releases/tag/v5.3.12",
"refsource": "MISC",
"url": "https://github.com/symfony/symfony/releases/tag/v5.3.12"
}
]
},
"source": {
"advisory": "GHSA-qw36-p97w-vcqr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41268",
"datePublished": "2021-11-24T18:55:12",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50342
Vulnerability from cvelistv5
Published
2024-11-06 21:03
Modified
2024-11-07 15:26
Severity ?
EPSS score ?
Summary
Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50342",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:26:26.266702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:26:33.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.46"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.14"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:03:12.331Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
},
{
"name": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b"
}
],
"source": {
"advisory": "GHSA-9c3x-r3wp-mgxm",
"discovery": "UNKNOWN"
},
"title": "Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50342",
"datePublished": "2024-11-06T21:03:12.331Z",
"dateReserved": "2024-10-22T17:54:40.955Z",
"dateUpdated": "2024-11-07T15:26:33.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21424
Vulnerability from cvelistv5
Published
2021-05-13 00:00
Modified
2024-08-03 18:09
Severity ?
EPSS score ?
Summary
Prevent user enumeration using Guard or the new Authenticator-based Security
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:09:16.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"name": "FEDORA-2021-f3ad34aa9f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"name": "FEDORA-2021-121edb82dd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
},
{
"name": "FEDORA-2021-c57937ab9f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"name": "FEDORA-2021-2d145b95f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3493-1] symfony security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.4.48"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.4.23"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.2.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T00:00:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
},
{
"url": "https://github.com/symfony/symfony/commit/2a581d22cc621b33d5464ed65c4bc2057f72f011"
},
{
"name": "FEDORA-2021-f3ad34aa9f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/"
},
{
"name": "FEDORA-2021-121edb82dd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRUS2H2SSOQWNLBD35SKIWIDQEMV2PD3/"
},
{
"name": "FEDORA-2021-c57937ab9f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UC7BND775DVZDQT3RMGD2HVB2PKLJDJW/"
},
{
"name": "FEDORA-2021-2d145b95f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH7TMM5CHQYBFFGXWRPJDPB3SKCZXI2M/"
},
{
"name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3493-1] symfony security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html"
}
],
"source": {
"advisory": "GHSA-5pv8-ppvj-4h68",
"discovery": "UNKNOWN"
},
"title": "Prevent user enumeration using Guard or the new Authenticator-based Security"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-21424",
"datePublished": "2021-05-13T00:00:00",
"dateReserved": "2020-12-22T00:00:00",
"dateUpdated": "2024-08-03T18:09:16.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50340
Vulnerability from cvelistv5
Published
2024-11-06 21:09
Modified
2024-11-07 15:29
Severity ?
EPSS score ?
Summary
Ability to change environment from query in symfony/runtime
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j | x_refsource_CONFIRM | |
| https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symfony",
"vendor": "sensiolabs",
"versions": [
{
"lessThan": "5.4.46",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.4.14",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "7.1.7",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:27:34.309967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:29:50.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.46"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.14"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request. As of versions 5.4.46, 6.4.14, and 7.1.7 the `SymfonyRuntime` now ignores the `argv` values for non-SAPI PHP runtimes. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:09:46.750Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j"
},
{
"name": "https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa"
}
],
"source": {
"advisory": "GHSA-x8vp-gf4q-mw5j",
"discovery": "UNKNOWN"
},
"title": "Ability to change environment from query in symfony/runtime"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50340",
"datePublished": "2024-11-06T21:09:46.750Z",
"dateReserved": "2024-10-22T17:54:40.955Z",
"dateUpdated": "2024-11-07T15:29:50.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50345
Vulnerability from cvelistv5
Published
2024-11-06 20:56
Modified
2024-11-07 15:22
Severity ?
EPSS score ?
Summary
Open redirect via browser-sanitized URLs in symfony/http-foundation
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp | x_refsource_CONFIRM | |
| https://url.spec.whatwg.org | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:21:57.359493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:22:48.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "symfony",
"vendor": "symfony",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.46"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.14"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T20:56:21.062Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp"
},
{
"name": "https://url.spec.whatwg.org",
"tags": [
"x_refsource_MISC"
],
"url": "https://url.spec.whatwg.org"
}
],
"source": {
"advisory": "GHSA-mrqx-rp3w-jpjp",
"discovery": "UNKNOWN"
},
"title": "Open redirect via browser-sanitized URLs in symfony/http-foundation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50345",
"datePublished": "2024-11-06T20:56:21.062Z",
"dateReserved": "2024-10-22T17:54:40.955Z",
"dateUpdated": "2024-11-07T15:22:48.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}