cvelistv5 - cve-2024-50342

CVE-2024-50342 (GCVE-0-2024-50342)

Vulnerability from cvelistv5 – Published: 2024-11-06 21:03 – Updated: 2024-11-07 15:26

Summary

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity ?

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/symfony/symfony/security/advis…	x_refsource_CONFIRM
	https://github.com/symfony/symfony/commit/296d4b3…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	symfony	symfony	Affected: < 5.4.46 Affected: >= 6.0.0, < 6.4.14 Affected: >= 7.0.0, < 7.1.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50342",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T15:26:26.266702Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T15:26:33.540Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "symfony",
          "vendor": "symfony",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.4.46"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 6.4.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.1.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-06T21:03:12.331Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
        },
        {
          "name": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b"
        }
      ],
      "source": {
        "advisory": "GHSA-9c3x-r3wp-mgxm",
        "discovery": "UNKNOWN"
      },
      "title": "Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-50342",
    "datePublished": "2024-11-06T21:03:12.331Z",
    "dateReserved": "2024-10-22T17:54:40.955Z",
    "dateUpdated": "2024-11-07T15:26:33.540Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"symfony/http-client es un m\\u00f3dulo para el framework PHP Symphony que proporciona m\\u00e9todos potentes para obtener recursos HTTP de forma sincr\\u00f3nica o asincr\\u00f3nica. Al utilizar `NoPrivateNetworkHttpClient`, todav\\u00eda se filtra cierta informaci\\u00f3n interna durante la resoluci\\u00f3n del host, lo que lleva a una posible enumeraci\\u00f3n de IP/puerto. A partir de las versiones 5.4.46, 6.4.14 y 7.1.7, `NoPrivateNetworkHttpClient` ahora filtra las IP bloqueadas antes para evitar dichas filtraciones. Se recomienda a todos los usuarios que actualicen la versi\\u00f3n. No se conocen workarounds para esta vulnerabilidad.\"}]",
      "id": "CVE-2024-50342",
      "lastModified": "2024-11-08T19:01:25.633",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.1, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 1.4}]}",
      "published": "2024-11-06T21:15:05.963",
      "references": "[{\"url\": \"https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm\", \"source\": \"security-advisories@github.com\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-50342\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-11-06T21:15:05.963\",\"lastModified\":\"2024-11-08T19:01:25.633\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"symfony/http-client es un m\u00f3dulo para el framework PHP Symphony que proporciona m\u00e9todos potentes para obtener recursos HTTP de forma sincr\u00f3nica o asincr\u00f3nica. Al utilizar `NoPrivateNetworkHttpClient`, todav\u00eda se filtra cierta informaci\u00f3n interna durante la resoluci\u00f3n del host, lo que lleva a una posible enumeraci\u00f3n de IP/puerto. A partir de las versiones 5.4.46, 6.4.14 y 7.1.7, `NoPrivateNetworkHttpClient` ahora filtra las IP bloqueadas antes para evitar dichas filtraciones. Se recomienda a todos los usuarios que actualicen la versi\u00f3n. No se conocen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-50342\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-07T15:26:26.266702Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-07T15:26:29.969Z\"}}], \"cna\": {\"title\": \"Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client\", \"source\": {\"advisory\": \"GHSA-9c3x-r3wp-mgxm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"symfony\", \"product\": \"symfony\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 5.4.46\"}, {\"status\": \"affected\", \"version\": \"\u003e= 6.0.0, \u003c 6.4.14\"}, {\"status\": \"affected\", \"version\": \"\u003e= 7.0.0, \u003c 7.1.7\"}]}], \"references\": [{\"url\": \"https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm\", \"name\": \"https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b\", \"name\": \"https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-11-06T21:03:12.331Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-50342\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-07T15:26:33.540Z\", \"dateReserved\": \"2024-10-22T17:54:40.955Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-11-06T21:03:12.331Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0948

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Symfony. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Symfony	http-client	http-client versions 7.x antérieures à 7.1.7 pour composer
Symfony	security-bundle	security-bundle versions 6.x antérieures à 6.4.10 pour composer
Symfony	http-foundation	http-foundation versions 6.x antérieures à 6.4.14 pour composer
Symfony	http-foundation	http-foundation versions antérieures à 5.4.46 pour composer
Symfony	runtime	runtime versions 7.x antérieures à 7.1.7 pour composer
Symfony	runtime	runtime versions 6.x antérieures à 6.4.14 pour composer
Symfony	validator	validator versions 7.x antérieures à 7.1.4 pour composer
Symfony	process	process versions antérieures à 5.4.46 pour composer
Symfony	http-foundation	http-foundation versions 7.x antérieures à 7.1.7 pour composer
Symfony	runtime	runtime versions antérieures à 5.4.46 pour composer
Symfony	validator	validator versions antérieures à 5.4.43 pour composer
Symfony	http-client	http-client versions 5.4.46 pour composer
Symfony	security-bundle	security-bundle versions 7.1.x antérieures à 7.1.3 pour composer
Symfony	http-client	http-client versions 6.x antérieures à 6.4.14 pour composer
Symfony	security-bundle	security-bundle versions 7.0.x antérieures à 7.0.10 pour composer
Symfony	process	process versions 7.x antérieures à 7.1.7 pour composer
Symfony	validator	validator versions 6.x antérieures à 6.4.11 pour composer
Symfony	process	process versions 6.x antérieures à 6.4.14 pour composer

References

Title

Publication Time

Tags

Bulletin de sécurité Symfony GHSA-jxgr-3v7q-3w9v	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-x8vp-gf4q-mw5j	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-qq5c-677p-737q	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-9c3x-r3wp-mgxm	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-mrqx-rp3w-jpjp	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-g3rh-rrhp-jhh9	2024-11-06	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "http-client versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 6.x ant\u00e9rieures \u00e0 6.4.10 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions 7.x ant\u00e9rieures \u00e0 7.1.4 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions ant\u00e9rieures \u00e0 5.4.43 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-client versions 5.4.46 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 7.1.x ant\u00e9rieures \u00e0 7.1.3 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-client versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 7.0.x ant\u00e9rieures \u00e0 7.0.10 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions 6.x ant\u00e9rieures \u00e0 6.4.11 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-50341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50341"
    },
    {
      "name": "CVE-2024-50342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50342"
    },
    {
      "name": "CVE-2024-51736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51736"
    },
    {
      "name": "CVE-2024-50340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50340"
    },
    {
      "name": "CVE-2024-50345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50345"
    },
    {
      "name": "CVE-2024-50343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50343"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0948",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Symfony. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Symfony",
  "vendor_advisories": [
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-jxgr-3v7q-3w9v",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-x8vp-gf4q-mw5j",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-qq5c-677p-737q",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-9c3x-r3wp-mgxm",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-mrqx-rp3w-jpjp",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-g3rh-rrhp-jhh9",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9"
    }
  ]
}

CERTFR-2024-AVI-0948

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Symfony	http-client	http-client versions 7.x antérieures à 7.1.7 pour composer
Symfony	security-bundle	security-bundle versions 6.x antérieures à 6.4.10 pour composer
Symfony	http-foundation	http-foundation versions 6.x antérieures à 6.4.14 pour composer
Symfony	http-foundation	http-foundation versions antérieures à 5.4.46 pour composer
Symfony	runtime	runtime versions 7.x antérieures à 7.1.7 pour composer
Symfony	runtime	runtime versions 6.x antérieures à 6.4.14 pour composer
Symfony	validator	validator versions 7.x antérieures à 7.1.4 pour composer
Symfony	process	process versions antérieures à 5.4.46 pour composer
Symfony	http-foundation	http-foundation versions 7.x antérieures à 7.1.7 pour composer
Symfony	runtime	runtime versions antérieures à 5.4.46 pour composer
Symfony	validator	validator versions antérieures à 5.4.43 pour composer
Symfony	http-client	http-client versions 5.4.46 pour composer
Symfony	security-bundle	security-bundle versions 7.1.x antérieures à 7.1.3 pour composer
Symfony	http-client	http-client versions 6.x antérieures à 6.4.14 pour composer
Symfony	security-bundle	security-bundle versions 7.0.x antérieures à 7.0.10 pour composer
Symfony	process	process versions 7.x antérieures à 7.1.7 pour composer
Symfony	validator	validator versions 6.x antérieures à 6.4.11 pour composer
Symfony	process	process versions 6.x antérieures à 6.4.14 pour composer

References

Title

Publication Time

Tags

Bulletin de sécurité Symfony GHSA-jxgr-3v7q-3w9v	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-x8vp-gf4q-mw5j	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-qq5c-677p-737q	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-9c3x-r3wp-mgxm	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-mrqx-rp3w-jpjp	2024-11-06	vendor-advisory
Bulletin de sécurité Symfony GHSA-g3rh-rrhp-jhh9	2024-11-06	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "http-client versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 6.x ant\u00e9rieures \u00e0 6.4.10 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions 7.x ant\u00e9rieures \u00e0 7.1.4 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-foundation versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "http-foundation",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "runtime versions ant\u00e9rieures \u00e0 5.4.46 pour composer",
      "product": {
        "name": "runtime",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions ant\u00e9rieures \u00e0 5.4.43 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-client versions 5.4.46 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 7.1.x ant\u00e9rieures \u00e0 7.1.3 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "http-client versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "http-client",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "security-bundle versions 7.0.x ant\u00e9rieures \u00e0 7.0.10 pour composer",
      "product": {
        "name": "security-bundle",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions 7.x ant\u00e9rieures \u00e0 7.1.7 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "validator versions 6.x ant\u00e9rieures \u00e0 6.4.11 pour composer",
      "product": {
        "name": "validator",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "process versions 6.x ant\u00e9rieures \u00e0 6.4.14 pour composer",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-50341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50341"
    },
    {
      "name": "CVE-2024-50342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50342"
    },
    {
      "name": "CVE-2024-51736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51736"
    },
    {
      "name": "CVE-2024-50340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50340"
    },
    {
      "name": "CVE-2024-50345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50345"
    },
    {
      "name": "CVE-2024-50343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50343"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0948",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Symfony. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Symfony",
  "vendor_advisories": [
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-jxgr-3v7q-3w9v",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-x8vp-gf4q-mw5j",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-qq5c-677p-737q",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-9c3x-r3wp-mgxm",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-mrqx-rp3w-jpjp",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp"
    },
    {
      "published_at": "2024-11-06",
      "title": "Bulletin de s\u00e9curit\u00e9 Symfony GHSA-g3rh-rrhp-jhh9",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9"
    }
  ]
}

FKIE_CVE-2024-50342

Vulnerability from fkie_nvd - Published: 2024-11-06 21:15 - Updated: 2024-11-08 19:01

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b
	security-advisories@github.com	https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability."
    },
    {
      "lang": "es",
      "value": "symfony/http-client es un m\u00f3dulo para el framework PHP Symphony que proporciona m\u00e9todos potentes para obtener recursos HTTP de forma sincr\u00f3nica o asincr\u00f3nica. Al utilizar `NoPrivateNetworkHttpClient`, todav\u00eda se filtra cierta informaci\u00f3n interna durante la resoluci\u00f3n del host, lo que lleva a una posible enumeraci\u00f3n de IP/puerto. A partir de las versiones 5.4.46, 6.4.14 y 7.1.7, `NoPrivateNetworkHttpClient` ahora filtra las IP bloqueadas antes para evitar dichas filtraciones. Se recomienda a todos los usuarios que actualicen la versi\u00f3n. No se conocen workarounds para esta vulnerabilidad."
    }
  ],
  "id": "CVE-2024-50342",
  "lastModified": "2024-11-08T19:01:25.633",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.1,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-06T21:15:05.963",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-9C3X-R3WP-MGXM

Vulnerability from github – Published: 2024-11-06 15:16 – Updated: 2024-11-13 18:51

Summary

Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient

Details

Description

When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration.

Resolution

The NoPrivateNetworkHttpClient now filters blocked IPs earlier to prevent such leaks.

The fisrt patch for this issue is available here for branch 5.4.

The second one is available here for branch 5.4 also.

Credits

We would like to thank Linus Karlsson and Chris Smith for reporting the issue and Nicolas Grekas for providing the fix.

Severity ?

3.1 (Low)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

2.3 (Low)


                  
                    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/http-client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "5.4.47"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/http-client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.4.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/http-client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "5.4.47"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.4.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-50342"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-06T15:16:09Z",
    "nvd_published_at": "2024-11-06T21:15:05Z",
    "severity": "LOW"
  },
  "details": "### Description\n\nWhen using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration.\n\n### Resolution\n\nThe `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks.\n\nThe fisrt patch for this issue is available [here](https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b) for branch 5.4.\n\nThe second one is available [here](https://github.com/symfony/symfony/commit/b4bf5afdbdcb2fd03da513ee03beeabeb551e5fa) for branch 5.4 also.\n\n### Credits\n\nWe would like to thank Linus Karlsson and Chris Smith for reporting the issue and Nicolas Grekas for providing the fix.",
  "id": "GHSA-9c3x-r3wp-mgxm",
  "modified": "2024-11-13T18:51:04Z",
  "published": "2024-11-06T15:16:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50342"
    },
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-client/CVE-2024-50342.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2024-50342.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/symfony/symfony"
    },
    {
      "type": "WEB",
      "url": "https://symfony.com/cve-2024-50342"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-50342 (GCVE-0-2024-50342)

CERTFR-2024-AVI-0948

Solutions

CERTFR-2024-AVI-0948

Solutions

FKIE_CVE-2024-50342

GHSA-9C3X-R3WP-MGXM

Description

Resolution

Credits

Tags

Sightings

Nomenclature