Vulnerability-Lookup

CVE-2022-24752 (GCVE-0-2022-24752)

Vulnerability from cvelistv5 – Published: 2022-03-15 14:40 – Updated: 2025-04-23 18:53

Title

SQL Injection through sorting parameters in SyliusGridBundle

Summary

SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\Component\Grid\Sorting\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Sylius/SyliusGridBundle/securi…	x_refsource_CONFIRM
	https://github.com/Sylius/SyliusGridBundle/pull/222	x_refsource_MISC
	https://github.com/Sylius/SyliusGridBundle/commit…	x_refsource_MISC
	https://github.com/Sylius/SyliusGridBundle/releas…	x_refsource_MISC
	https://github.com/Sylius/SyliusGridBundle/releas…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Sylius	SyliusGridBundle	Affected: < 1.10.1 Affected: 1.11-alpha, <= 1.11-rc

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:20:50.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-24752",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:50:16.970081Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:53:49.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SyliusGridBundle",
          "vendor": "Sylius",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.10.1"
            },
            {
              "status": "affected",
              "version": "1.11-alpha, \u003c= 1.11-rc"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-15T14:40:13.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
        }
      ],
      "source": {
        "advisory": "GHSA-2xmm-g482-4439",
        "discovery": "UNKNOWN"
      },
      "title": "SQL Injection through sorting parameters in SyliusGridBundle",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-24752",
          "STATE": "PUBLIC",
          "TITLE": "SQL Injection through sorting parameters in SyliusGridBundle"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SyliusGridBundle",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.10.1"
                          },
                          {
                            "version_value": "1.11-alpha, \u003c= 1.11-rc"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Sylius"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439",
              "refsource": "CONFIRM",
              "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/pull/222",
              "refsource": "MISC",
              "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784",
              "refsource": "MISC",
              "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1",
              "refsource": "MISC",
              "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2",
              "refsource": "MISC",
              "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-2xmm-g482-4439",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-24752",
    "datePublished": "2022-03-15T14:40:13.000Z",
    "dateReserved": "2022-02-10T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:53:49.773Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sylius:syliusgridbundle:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.10.1\", \"matchCriteriaId\": \"058AF7B1-9F39-4F9D-83E6-3B70BAC35488\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA3A1354-6012-4A5C-9CC8-AEBD0EFE95E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:alpha1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41602946-086E-44EA-A909-C2536E6B5531\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD57FD51-4B4F-45F7-88C5-4DC2F22AFF70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"767973ED-EBCC-4433-8385-D42F2BCFE904\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\\\Component\\\\Grid\\\\Sorting\\\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.\"}, {\"lang\": \"es\", \"value\": \"SyliusGridBundle es un paquete de grids de datos gen\\u00e9ricos para aplicaciones Symfony.En versiones anteriores a 1.10.1 y 1.11-rc2, los valores a\\u00f1adidos al final de la ordenaci\\u00f3n de la consulta eran pasados directamente a la base de datos. Los mantenedores no saben si esto podr\\u00eda conllevar a inyecciones SQL directas, pero tomaron medidas para remediar la vulnerabilidad. El problema ha sido corregido en versiones 1.10.1 y 1.11-rc2. Como medida de mitigaci\\u00f3n, sobrescriba la clase \\\"Sylius\\\\Component\\\\Sorting\\\\Sorter.php\\\" y reg\\u00edstrela en el contenedor. Se presenta m\\u00e1s informaci\\u00f3n sobre esta mitigaci\\u00f3n en el aviso de seguridad de GitHub\"}]",
      "id": "CVE-2022-24752",
      "lastModified": "2024-11-21T06:51:01.087",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-03-15T15:15:08.020",
      "references": "[{\"url\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-24752\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-03-15T15:15:08.020\",\"lastModified\":\"2024-11-21T06:51:01.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\\\Component\\\\Grid\\\\Sorting\\\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.\"},{\"lang\":\"es\",\"value\":\"SyliusGridBundle es un paquete de grids de datos gen\u00e9ricos para aplicaciones Symfony.En versiones anteriores a 1.10.1 y 1.11-rc2, los valores a\u00f1adidos al final de la ordenaci\u00f3n de la consulta eran pasados directamente a la base de datos. Los mantenedores no saben si esto podr\u00eda conllevar a inyecciones SQL directas, pero tomaron medidas para remediar la vulnerabilidad. El problema ha sido corregido en versiones 1.10.1 y 1.11-rc2. Como medida de mitigaci\u00f3n, sobrescriba la clase \\\"Sylius\\\\Component\\\\Sorting\\\\Sorter.php\\\" y reg\u00edstrela en el contenedor. Se presenta m\u00e1s informaci\u00f3n sobre esta mitigaci\u00f3n en el aviso de seguridad de GitHub\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sylius:syliusgridbundle:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.10.1\",\"matchCriteriaId\":\"058AF7B1-9F39-4F9D-83E6-3B70BAC35488\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3A1354-6012-4A5C-9CC8-AEBD0EFE95E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41602946-086E-44EA-A909-C2536E6B5531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD57FD51-4B4F-45F7-88C5-4DC2F22AFF70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sylius:syliusgridbundle:1.11.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"767973ED-EBCC-4433-8385-D42F2BCFE904\"}]}]}],\"references\":[{\"url\":\"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/pull/222\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/pull/222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"SyliusGridBundle\", \"vendor\": \"Sylius\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.10.1\"}, {\"status\": \"affected\", \"version\": \"1.11-alpha, \u003c= 1.11-rc\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\\\Component\\\\Grid\\\\Sorting\\\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-89\", \"description\": \"CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-03-15T14:40:13.000Z\", \"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\"}, \"references\": [{\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\"}], \"source\": {\"advisory\": \"GHSA-2xmm-g482-4439\", \"discovery\": \"UNKNOWN\"}, \"title\": \"SQL Injection through sorting parameters in SyliusGridBundle\", \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"security-advisories@github.com\", \"ID\": \"CVE-2022-24752\", \"STATE\": \"PUBLIC\", \"TITLE\": \"SQL Injection through sorting parameters in SyliusGridBundle\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"SyliusGridBundle\", \"version\": {\"version_data\": [{\"version_value\": \"\u003c 1.10.1\"}, {\"version_value\": \"1.11-alpha, \u003c= 1.11-rc\"}]}}]}, \"vendor_name\": \"Sylius\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\\\Component\\\\Grid\\\\Sorting\\\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.\"}]}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\", \"refsource\": \"CONFIRM\", \"url\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\"}, {\"name\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\", \"refsource\": \"MISC\", \"url\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\"}, {\"name\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\", \"refsource\": \"MISC\", \"url\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\"}, {\"name\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\", \"refsource\": \"MISC\", \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\"}, {\"name\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\", \"refsource\": \"MISC\", \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\"}]}, \"source\": {\"advisory\": \"GHSA-2xmm-g482-4439\", \"discovery\": \"UNKNOWN\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:20:50.550Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/pull/222\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-24752\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T15:50:16.970081Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T15:50:18.923Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"assignerShortName\": \"GitHub_M\", \"cveId\": \"CVE-2022-24752\", \"datePublished\": \"2022-03-15T14:40:13.000Z\", \"dateReserved\": \"2022-02-10T00:00:00.000Z\", \"dateUpdated\": \"2025-04-23T18:53:49.773Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2022-24752

Vulnerability from fkie_nvd - Published: 2022-03-15 15:15 - Updated: 2024-11-21 06:51

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/Sylius/SyliusGridBundle/pull/222	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/SyliusGridBundle/pull/222	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439	Third Party Advisory

Impacted products

Vendor	Product	Version
sylius	syliusgridbundle	*
sylius	syliusgridbundle	1.11.0
sylius	syliusgridbundle	1.11.0
sylius	syliusgridbundle	1.11.0
sylius	syliusgridbundle	1.11.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sylius:syliusgridbundle:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058AF7B1-9F39-4F9D-83E6-3B70BAC35488",
              "versionEndExcluding": "1.10.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA3A1354-6012-4A5C-9CC8-AEBD0EFE95E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "41602946-086E-44EA-A909-C2536E6B5531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "FD57FD51-4B4F-45F7-88C5-4DC2F22AFF70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "767973ED-EBCC-4433-8385-D42F2BCFE904",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory."
    },
    {
      "lang": "es",
      "value": "SyliusGridBundle es un paquete de grids de datos gen\u00e9ricos para aplicaciones Symfony.En versiones anteriores a 1.10.1 y 1.11-rc2, los valores a\u00f1adidos al final de la ordenaci\u00f3n de la consulta eran pasados directamente a la base de datos. Los mantenedores no saben si esto podr\u00eda conllevar a inyecciones SQL directas, pero tomaron medidas para remediar la vulnerabilidad. El problema ha sido corregido en versiones 1.10.1 y 1.11-rc2. Como medida de mitigaci\u00f3n, sobrescriba la clase \"Sylius\\Component\\Sorting\\Sorter.php\" y reg\u00edstrela en el contenedor. Se presenta m\u00e1s informaci\u00f3n sobre esta mitigaci\u00f3n en el aviso de seguridad de GitHub"
    }
  ],
  "id": "CVE-2022-24752",
  "lastModified": "2024-11-21T06:51:01.087",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-03-15T15:15:08.020",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GSD-2022-24752

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-24752

Aliases

CVE-2022-24752

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-24752",
    "description": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.",
    "id": "GSD-2022-24752"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-24752"
      ],
      "details": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.",
      "id": "GSD-2022-24752",
      "modified": "2023-12-13T01:19:43.354899Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-24752",
        "STATE": "PUBLIC",
        "TITLE": "SQL Injection through sorting parameters in SyliusGridBundle"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SyliusGridBundle",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 1.10.1"
                        },
                        {
                          "version_value": "1.11-alpha, \u003c= 1.11-rc"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Sylius"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439",
            "refsource": "CONFIRM",
            "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
          },
          {
            "name": "https://github.com/Sylius/SyliusGridBundle/pull/222",
            "refsource": "MISC",
            "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
          },
          {
            "name": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784",
            "refsource": "MISC",
            "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
          },
          {
            "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1",
            "refsource": "MISC",
            "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
          },
          {
            "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2",
            "refsource": "MISC",
            "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-2xmm-g482-4439",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.10.1",
          "affected_versions": "All versions before 1.10.1",
          "cwe_ids": [
            "CWE-1035",
            "CWE-89",
            "CWE-937"
          ],
          "date": "2022-03-18",
          "description": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.",
          "fixed_versions": [
            "1.10.1"
          ],
          "identifier": "CVE-2022-24752",
          "identifiers": [
            "GHSA-2xmm-g482-4439",
            "CVE-2022-24752"
          ],
          "not_impacted": "All versions starting from 1.10.1",
          "package_slug": "packagist/sylius/grid-bundle",
          "pubdate": "2022-03-15",
          "solution": "Upgrade to version 1.10.1 or above.",
          "title": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "urls": [
            "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-24752",
            "https://github.com/Sylius/SyliusGridBundle/pull/222",
            "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784",
            "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1",
            "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2",
            "https://github.com/advisories/GHSA-2xmm-g482-4439"
          ],
          "uuid": "77a67881-5ace-4a44-999e-a499d0a4f742"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sylius:syliusgridbundle:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.10.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:alpha1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sylius:syliusgridbundle:1.11.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-24752"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`Sylius\\Component\\Grid\\Sorting\\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-89"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/pull/222",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
            },
            {
              "name": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-03-25T12:42Z",
      "publishedDate": "2022-03-15T15:15Z"
    }
  }
}

GHSA-2XMM-G482-4439

Vulnerability from github – Published: 2022-03-15 19:09 – Updated: 2022-03-15 19:09

Summary

DQL injection through sorting parameters blocked

Details

Impact

Values added at the end of query sorting were passed directly to the DB. We don't know, if it could lead to direct SQL injections, however, we should not allow for easy injection of values there anyway.

Patches

The issue is fixed in version 1.10.1 and in 1.11-rc.1

Workarounds

You have to overwrite your Sylius\Component\Grid\Sorting\Sorter.php class:

<?php

// src/App/Sorting/Sorter.php

declare(strict_types=1);

namespace App\Sorting;

use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Sylius\Component\Grid\Data\DataSourceInterface;
use Sylius\Component\Grid\Definition\Grid;
use Sylius\Component\Grid\Parameters;
use Sylius\Component\Grid\Sorting\SorterInterface;

final class Sorter implements SorterInterface
{
    public function sort(DataSourceInterface $dataSource, Grid $grid, Parameters $parameters): void
    {
        $enabledFields = $grid->getFields();
        $expressionBuilder = $dataSource->getExpressionBuilder();

        $sorting = $parameters->get('sorting', $grid->getSorting());
        $this->validateSortingParams($sorting, $enabledFields);

        foreach ($sorting as $field => $order) {
            $this->validateFieldNames($field, $enabledFields);

            $gridField = $grid->getField($field);
            $property = $gridField->getSortable();

            if (null !== $property) {
                $expressionBuilder->addOrderBy($property, $order);
            }
        }
    }

    private function validateSortingParams(array $sorting, array $enabledFields): void
    {
        foreach (array_keys($enabledFields) as $key) {
            if (array_key_exists($key, $sorting) && !in_array($sorting[$key], ['asc', 'desc'])) {
                throw new BadRequestHttpException(sprintf('%s is not valid, use asc or desc instead.', $sorting[$key]));
            }
        }
    }

    private function validateFieldNames(string $fieldName, array $enabledFields): void
    {
        $enabledFieldsNames = array_keys($enabledFields);

        if (!in_array($fieldName, $enabledFieldsNames, true)) {
            throw new BadRequestHttpException(sprintf('%s is not valid field, did you mean one of these: %s?', $fieldName, implode(', ', $enabledFieldsNames)));
        }
    }
}

and register it in your container:

# config/services.yaml
services:
    # ...
    sylius.grid.sorter:
        class: App\Sorting\Sorter

For more information

If you have any questions or comments about this advisory: * Open an issue in Sylius issues * Email us at security@sylius.com

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "sylius/grid-bundle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24752"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-03-15T19:09:16Z",
    "nvd_published_at": "2022-03-15T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\nValues added at the end of query sorting were passed directly to the DB. We don\u0027t know, if it could lead to direct SQL injections, however, we should not allow for easy injection of values there anyway.\n\n### Patches\nThe issue is fixed in version 1.10.1 and in 1.11-rc.1\n\n### Workarounds\n\nYou have to overwrite your `Sylius\\Component\\Grid\\Sorting\\Sorter.php` class:\n\n```php\n\u003c?php\n\n// src/App/Sorting/Sorter.php\n\ndeclare(strict_types=1);\n\nnamespace App\\Sorting;\n\nuse Symfony\\Component\\HttpKernel\\Exception\\BadRequestHttpException;\nuse Sylius\\Component\\Grid\\Data\\DataSourceInterface;\nuse Sylius\\Component\\Grid\\Definition\\Grid;\nuse Sylius\\Component\\Grid\\Parameters;\nuse Sylius\\Component\\Grid\\Sorting\\SorterInterface;\n\nfinal class Sorter implements SorterInterface\n{\n    public function sort(DataSourceInterface $dataSource, Grid $grid, Parameters $parameters): void\n    {\n        $enabledFields = $grid-\u003egetFields();\n        $expressionBuilder = $dataSource-\u003egetExpressionBuilder();\n\n        $sorting = $parameters-\u003eget(\u0027sorting\u0027, $grid-\u003egetSorting());\n        $this-\u003evalidateSortingParams($sorting, $enabledFields);\n\n        foreach ($sorting as $field =\u003e $order) {\n            $this-\u003evalidateFieldNames($field, $enabledFields);\n\n            $gridField = $grid-\u003egetField($field);\n            $property = $gridField-\u003egetSortable();\n\n            if (null !== $property) {\n                $expressionBuilder-\u003eaddOrderBy($property, $order);\n            }\n        }\n    }\n\n    private function validateSortingParams(array $sorting, array $enabledFields): void\n    {\n        foreach (array_keys($enabledFields) as $key) {\n            if (array_key_exists($key, $sorting) \u0026\u0026 !in_array($sorting[$key], [\u0027asc\u0027, \u0027desc\u0027])) {\n                throw new BadRequestHttpException(sprintf(\u0027%s is not valid, use asc or desc instead.\u0027, $sorting[$key]));\n            }\n        }\n    }\n\n    private function validateFieldNames(string $fieldName, array $enabledFields): void\n    {\n        $enabledFieldsNames = array_keys($enabledFields);\n\n        if (!in_array($fieldName, $enabledFieldsNames, true)) {\n            throw new BadRequestHttpException(sprintf(\u0027%s is not valid field, did you mean one of these: %s?\u0027, $fieldName, implode(\u0027, \u0027, $enabledFieldsNames)));\n        }\n    }\n}\n```\nand register it in your container: \n\n```yaml\n# config/services.yaml\nservices:\n    # ...\n    sylius.grid.sorter:\n        class: App\\Sorting\\Sorter\n```\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Sylius issues](https://github.com/Sylius/Sylius/issues)\n* Email us at [security@sylius.com](mailto:security@sylius.com)",
  "id": "GHSA-2xmm-g482-4439",
  "modified": "2022-03-15T19:09:16Z",
  "published": "2022-03-15T19:09:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/SyliusGridBundle/security/advisories/GHSA-2xmm-g482-4439"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24752"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/SyliusGridBundle/pull/222"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/SyliusGridBundle/commit/73d0791d0575f955e830a3da4c3345f420d2f784"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Sylius/SyliusGridBundle"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.10.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Sylius/SyliusGridBundle/releases/tag/v1.11.0-RC.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "DQL injection through sorting parameters blocked"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-24752 (GCVE-0-2022-24752)

FKIE_CVE-2022-24752

GSD-2022-24752

GHSA-2XMM-G482-4439

Impact

Patches

Workarounds

For more information

Tags

Sightings

Nomenclature