cvelistv5 - cve-2023-46734

CVE-2023-46734 (GCVE-0-2023-46734)

Vulnerability from cvelistv5 – Published: 2023-11-10 17:49 – Updated: 2025-02-13 17:14

Summary

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/symfony/symfony/security/advis…	x_refsource_CONFIRM
	https://github.com/symfony/symfony/commit/5d095d5…	x_refsource_MISC
	https://github.com/symfony/symfony/commit/9da9a14…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2023…

Impacted products

	Vendor	Product	Version
	symfony	symfony	Affected: >= 2.0.0, < 4.4.51 Affected: >= 5.0.0, < 5.4.31 Affected: >= 6.0.0, < 6.3.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:53:21.147Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
          },
          {
            "name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
          },
          {
            "name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-46734",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T15:11:26.071140Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T15:36:18.165Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "symfony",
          "vendor": "symfony",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.0.0, \u003c 4.4.51"
            },
            {
              "status": "affected",
              "version": "\u003e= 5.0.0, \u003c 5.4.31"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 6.3.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-24T20:06:11.907Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
        },
        {
          "name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
        },
        {
          "name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
        }
      ],
      "source": {
        "advisory": "GHSA-q847-2q57-wmr3",
        "discovery": "UNKNOWN"
      },
      "title": "Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-46734",
    "datePublished": "2023-11-10T17:49:55.188Z",
    "dateReserved": "2023-10-25T14:30:33.752Z",
    "dateUpdated": "2025-02-13T17:14:33.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0.0\", \"versionEndExcluding\": \"4.4.51\", \"matchCriteriaId\": \"D4E6FF3A-7682-47C6-B439-774B3DA06B3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndExcluding\": \"5.4.31\", \"matchCriteriaId\": \"8D9BA65C-8E14-45F4-BAC9-1795DC79CF7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.3.8\", \"matchCriteriaId\": \"0056B4D3-0C63-467F-A308-EB5DEE894B85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0.0\", \"versionEndExcluding\": \"4.4.51\", \"matchCriteriaId\": \"E7E9CF24-819A-4931-ADE3-43B3D40C5729\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndExcluding\": \"5.4.31\", \"matchCriteriaId\": \"D5BFC997-132A-410E-A7B3-9D0A29F652A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.3.8\", \"matchCriteriaId\": \"7A2E5E40-A851-4699-A7E0-6CDCE5849369\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.\"}, {\"lang\": \"es\", \"value\": \"Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de las versiones 2.0.0, 5.0.0 y 6.0.0 y anteriores a las versiones 4.4.51, 5.4.31 y 6.3.8, algunos filtros Twig en CodeExtension usan `is_safe=html` pero en realidad no garantizan su la entrada es segura. A partir de las versiones 4.4.51, 5.4.31 y 6.3.8, Symfony ahora escapa a la salida de los filtros afectados.\"}]",
      "id": "CVE-2023-46734",
      "lastModified": "2024-11-21T08:29:11.347",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
      "published": "2023-11-10T18:15:09.360",
      "references": "[{\"url\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-46734\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-11-10T18:15:09.360\",\"lastModified\":\"2024-11-21T08:29:11.347\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.\"},{\"lang\":\"es\",\"value\":\"Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de las versiones 2.0.0, 5.0.0 y 6.0.0 y anteriores a las versiones 4.4.51, 5.4.31 y 6.3.8, algunos filtros Twig en CodeExtension usan `is_safe=html` pero en realidad no garantizan su la entrada es segura. A partir de las versiones 4.4.51, 5.4.31 y 6.3.8, Symfony ahora escapa a la salida de los filtros afectados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"4.4.51\",\"matchCriteriaId\":\"D4E6FF3A-7682-47C6-B439-774B3DA06B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.4.31\",\"matchCriteriaId\":\"8D9BA65C-8E14-45F4-BAC9-1795DC79CF7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.3.8\",\"matchCriteriaId\":\"0056B4D3-0C63-467F-A308-EB5DEE894B85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"4.4.51\",\"matchCriteriaId\":\"E7E9CF24-819A-4931-ADE3-43B3D40C5729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.4.31\",\"matchCriteriaId\":\"D5BFC997-132A-410E-A7B3-9D0A29F652A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.3.8\",\"matchCriteriaId\":\"7A2E5E40-A851-4699-A7E0-6CDCE5849369\"}]}]}],\"references\":[{\"url\":\"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"name\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"name\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"name\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T20:53:21.147Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-46734\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-03T15:11:26.071140Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-03T15:36:08.232Z\"}}], \"cna\": {\"title\": \"Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters\", \"source\": {\"advisory\": \"GHSA-q847-2q57-wmr3\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"symfony\", \"product\": \"symfony\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 2.0.0, \u003c 4.4.51\"}, {\"status\": \"affected\", \"version\": \"\u003e= 5.0.0, \u003c 5.4.31\"}, {\"status\": \"affected\", \"version\": \"\u003e= 6.0.0, \u003c 6.3.8\"}]}], \"references\": [{\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"name\": \"https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"name\": \"https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"name\": \"https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-11-24T20:06:11.907Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-46734\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:14:33.867Z\", \"dateReserved\": \"2023-10-25T14:30:33.752Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-11-10T17:49:55.188Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2025-AVI-0836

Vulnerability from certfr_avis - Published: 2025-10-01 - Updated: 2025-10-01

De multiples vulnérabilités ont été découvertes dans Tenable Security Center. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Tenable	Security Center	Security Center sans le correctif de sécurité Patch SC-202509.2

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2025-20

2025-09-26

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Security Center sans le correctif de s\u00e9curit\u00e9 Patch SC-202509.2",
      "product": {
        "name": "Security Center",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-52806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52806"
    },
    {
      "name": "CVE-2024-24821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24821"
    },
    {
      "name": "CVE-2024-35241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35241"
    },
    {
      "name": "CVE-2024-51736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51736"
    },
    {
      "name": "CVE-2024-45411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45411"
    },
    {
      "name": "CVE-2023-46734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46734"
    },
    {
      "name": "CVE-2024-51755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51755"
    },
    {
      "name": "CVE-2024-50345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50345"
    },
    {
      "name": "CVE-2025-27773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27773"
    },
    {
      "name": "CVE-2024-35242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35242"
    },
    {
      "name": "CVE-2024-51754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51754"
    }
  ],
  "initial_release_date": "2025-10-01T00:00:00",
  "last_revision_date": "2025-10-01T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0836",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Security Center. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Tenable",
  "vendor_advisories": [
    {
      "published_at": "2025-09-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-20",
      "url": "https://www.tenable.com/security/tns-2025-20"
    }
  ]
}

CERTFR-2023-AVI-0930

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Symfony. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symfony	Symfony	Symfony versions 6.x antérieures à 6.3.8
Symfony	Symfony	Symfony versions 2.x à 4.x antérieures à 4.4.51
Symfony	Symfony	Symfony versions 5.x antérieures à 5.4.31

References

Title

Publication Time

Tags

Bulletin de sécurité Symfony GHSA-72x2-5c85-6wmr du 10 novembre 2023	None	vendor-advisory
Bulletin de sécurité Symfony GHSA-q847-2q57-wmr3 du 10 novembre 2023	None	vendor-advisory
Bulletin de sécurité Symfony GHSA-m2wj-r6g3-fxfx du 10 novembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symfony versions 6.x ant\u00e9rieures \u00e0 6.3.8",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "Symfony versions 2.x \u00e0 4.x ant\u00e9rieures \u00e0 4.4.51",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "Symfony versions 5.x ant\u00e9rieures \u00e0 5.4.31",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-46735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46735"
    },
    {
      "name": "CVE-2023-46734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46734"
    },
    {
      "name": "CVE-2023-46733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46733"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0930",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u003cspan\nclass=\"textit\"\u003e Symfony\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une injection de code indirecte \u00e0 distance (XSS) et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Symfony",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-72x2-5c85-6wmr du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-q847-2q57-wmr3 du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-m2wj-r6g3-fxfx du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
    }
  ]
}

CERTFR-2025-AVI-0836

Vulnerability from certfr_avis - Published: 2025-10-01 - Updated: 2025-10-01

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Tenable	Security Center	Security Center sans le correctif de sécurité Patch SC-202509.2

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2025-20

2025-09-26

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Security Center sans le correctif de s\u00e9curit\u00e9 Patch SC-202509.2",
      "product": {
        "name": "Security Center",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-52806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52806"
    },
    {
      "name": "CVE-2024-24821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24821"
    },
    {
      "name": "CVE-2024-35241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35241"
    },
    {
      "name": "CVE-2024-51736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51736"
    },
    {
      "name": "CVE-2024-45411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45411"
    },
    {
      "name": "CVE-2023-46734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46734"
    },
    {
      "name": "CVE-2024-51755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51755"
    },
    {
      "name": "CVE-2024-50345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50345"
    },
    {
      "name": "CVE-2025-27773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27773"
    },
    {
      "name": "CVE-2024-35242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35242"
    },
    {
      "name": "CVE-2024-51754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51754"
    }
  ],
  "initial_release_date": "2025-10-01T00:00:00",
  "last_revision_date": "2025-10-01T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0836",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Security Center. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Tenable",
  "vendor_advisories": [
    {
      "published_at": "2025-09-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-20",
      "url": "https://www.tenable.com/security/tns-2025-20"
    }
  ]
}

CERTFR-2023-AVI-0930

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symfony	Symfony	Symfony versions 6.x antérieures à 6.3.8
Symfony	Symfony	Symfony versions 2.x à 4.x antérieures à 4.4.51
Symfony	Symfony	Symfony versions 5.x antérieures à 5.4.31

References

Title

Publication Time

Tags

Bulletin de sécurité Symfony GHSA-72x2-5c85-6wmr du 10 novembre 2023	None	vendor-advisory
Bulletin de sécurité Symfony GHSA-q847-2q57-wmr3 du 10 novembre 2023	None	vendor-advisory
Bulletin de sécurité Symfony GHSA-m2wj-r6g3-fxfx du 10 novembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symfony versions 6.x ant\u00e9rieures \u00e0 6.3.8",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "Symfony versions 2.x \u00e0 4.x ant\u00e9rieures \u00e0 4.4.51",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "Symfony versions 5.x ant\u00e9rieures \u00e0 5.4.31",
      "product": {
        "name": "Symfony",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-46735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46735"
    },
    {
      "name": "CVE-2023-46734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46734"
    },
    {
      "name": "CVE-2023-46733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46733"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0930",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u003cspan\nclass=\"textit\"\u003e Symfony\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une injection de code indirecte \u00e0 distance (XSS) et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Symfony",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-72x2-5c85-6wmr du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-q847-2q57-wmr3 du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-m2wj-r6g3-fxfx du 10 novembre 2023",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx"
    }
  ]
}

GHSA-Q847-2Q57-WMR3

Vulnerability from github – Published: 2023-11-12 15:52 – Updated: 2023-11-12 15:52

Summary

Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters

Details

Description

Some Twig filters in CodeExtension use "is_safe=html" but don't actually ensure their input is safe.

Resolution

Symfony now escapes the output of the affected filters.

The patch for this issue is available here for branch 4.4.

Credits

We would like to thank Pierre Rudloff for reporting the issue and to Nicolas Grekas for providing the fix.

Severity ?

6.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/twig-bridge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "4.4.51"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/twig-bridge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.4.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/twig-bridge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "4.4.51"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.4.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-46734"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-11-12T15:52:51Z",
    "nvd_published_at": "2023-11-10T18:15:09Z",
    "severity": "MODERATE"
  },
  "details": "### Description\n\nSome Twig filters in CodeExtension use \"is_safe=html\" but don\u0027t actually ensure their input is safe.\n\n### Resolution\n\nSymfony now escapes the output of the affected filters.\n\nThe patch for this issue is available [here](https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c) for branch 4.4.\n\n### Credits\n\nWe would like to thank Pierre Rudloff for reporting the issue and to Nicolas Grekas for providing the fix.",
  "id": "GHSA-q847-2q57-wmr3",
  "modified": "2023-11-12T15:52:51Z",
  "published": "2023-11-12T15:52:51Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46734"
    },
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
    },
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46734.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/symfony/symfony"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
    },
    {
      "type": "WEB",
      "url": "https://symfony.com/cve-2023-46734"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters"
}

FKIE_CVE-2023-46734

Vulnerability from fkie_nvd - Published: 2023-11-10 18:15 - Updated: 2024-11-21 08:29

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54	Patch
security-advisories@github.com	https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c	Patch
security-advisories@github.com	https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3	Vendor Advisory
security-advisories@github.com	https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html

Impacted products

Vendor	Product	Version
sensiolabs	symfony	*
sensiolabs	symfony	*
sensiolabs	symfony	*
sensiolabs	twig	*
sensiolabs	twig	*
sensiolabs	twig	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4E6FF3A-7682-47C6-B439-774B3DA06B3D",
              "versionEndExcluding": "4.4.51",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D9BA65C-8E14-45F4-BAC9-1795DC79CF7E",
              "versionEndExcluding": "5.4.31",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0056B4D3-0C63-467F-A308-EB5DEE894B85",
              "versionEndExcluding": "6.3.8",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7E9CF24-819A-4931-ADE3-43B3D40C5729",
              "versionEndExcluding": "4.4.51",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5BFC997-132A-410E-A7B3-9D0A29F652A3",
              "versionEndExcluding": "5.4.31",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A2E5E40-A851-4699-A7E0-6CDCE5849369",
              "versionEndExcluding": "6.3.8",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
    },
    {
      "lang": "es",
      "value": "Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de las versiones 2.0.0, 5.0.0 y 6.0.0 y anteriores a las versiones 4.4.51, 5.4.31 y 6.3.8, algunos filtros Twig en CodeExtension usan `is_safe=html` pero en realidad no garantizan su la entrada es segura. A partir de las versiones 4.4.51, 5.4.31 y 6.3.8, Symfony ahora escapa a la salida de los filtros afectados."
    }
  ],
  "id": "CVE-2023-46734",
  "lastModified": "2024-11-21T08:29:11.347",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-10T18:15:09.360",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GSD-2023-46734

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-46734

Aliases

CVE-2023-46734

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-46734",
    "id": "GSD-2023-46734"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-46734"
      ],
      "details": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.",
      "id": "GSD-2023-46734",
      "modified": "2023-12-13T01:20:53.257629Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-46734",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "symfony",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 2.0.0, \u003c 4.4.51"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 5.0.0, \u003c 5.4.31"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 6.0.0, \u003c 6.3.8"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "symfony"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-79",
                "lang": "eng",
                "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
            "refsource": "MISC",
            "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
          },
          {
            "name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
            "refsource": "MISC",
            "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
          },
          {
            "name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
            "refsource": "MISC",
            "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
          },
          {
            "name": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html",
            "refsource": "MISC",
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-q847-2q57-wmr3",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.3.8",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.4.31",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4.51",
                "versionStartIncluding": "2.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.3.8",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.4.31",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sensiolabs:twig:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4.51",
                "versionStartIncluding": "2.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2023-46734"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don\u0027t actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3",
              "refsource": "",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3"
            },
            {
              "name": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54",
              "refsource": "",
              "tags": [
                "Patch"
              ],
              "url": "https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54"
            },
            {
              "name": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c",
              "refsource": "",
              "tags": [
                "Patch"
              ],
              "url": "https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c"
            },
            {
              "name": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html",
              "refsource": "",
              "tags": [],
              "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00019.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2023-11-24T20:15Z",
      "publishedDate": "2023-11-10T18:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-46734 (GCVE-0-2023-46734)

CERTFR-2025-AVI-0836

Solutions

CERTFR-2023-AVI-0930

Solution

CERTFR-2025-AVI-0836

Solutions

CERTFR-2023-AVI-0930

Solution

GHSA-Q847-2Q57-WMR3

Description

Resolution

Credits

FKIE_CVE-2023-46734

GSD-2023-46734

Tags

Sightings

Nomenclature