15 matches found
GHSA-JJXQ-FF2G-95VH Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled
Description In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the isset method is now called after the security check. This is a BC break. Resolution The sandbox mode now ensures...
GHSA-QQ5C-677P-737Q Symfony vulnerable to command execution hijack on Windows with Process class
Description On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijacking. Resolution The Process class now uses the absolute path to cmd.exe. The patch for this...
Symfony vulnerable to command execution hijack on Windows with Process class
Description On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijacking. Resolution The Process class now uses the absolute path to cmd.exe. The patch for this...
GHSA-9C3X-R3WP-MGXM Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient
Description When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. Resolution The NoPrivateNetworkHttpClient now filters blocked IPs earlier to prevent such leaks. The fisrt patch for this issue is...
GHSA-72X2-5C85-6WMR Symfony potential Cross-site Scripting in WebhookController
Description The error message in WebhookController returns unescaped user-submitted input. Resolution WebhookController now doesn't return any user-submitted input in its response. The patch for this issue is available here for branch 6.3. Credits We would like to thank Maxime Aknin for reporting...
Symfony potential Cross-site Scripting in WebhookController
Description The error message in WebhookController returns unescaped user-submitted input. Resolution WebhookController now doesn't return any user-submitted input in its response. The patch for this issue is available here for branch 6.3. Credits We would like to thank Maxime Aknin for reporting...
CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters
Affected versions Symfony versions =2.0.0,4.4.51, =5.0.0,5.4.31, and =6.0.0,6.3.8 of the Symfony Twig Bridge are affected by this security issue. The issue has been fixed in Symfony 4.4.51, 5.4.31, 6.3.8. All other versions are not maintained anymore. Description Some filters in the CodeExtension...
GHSA-H7VF-5WRV-9FHV Symfony storing cookie headers in HttpCache
Description ----------- The Symfony HTTP cache system acts as a reverse proxy: it caches HTTP responses including headers and returns them to clients. In a recent AbstractSessionListener change, the response might now contain a Set-Cookie header. If the Symfony HTTP cache system is enabled, this...
CVE-2019-11325: Fix escaping of strings in VarExporter
Affected versions Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony VarExporter component are affected by this security issue. The issue has been fixed in Symfony 4.2.12 and 4.3.8. Description Some strings were not properly escaped when being dumped by the VarExporter component...
Fedora 28 : php-symfony (2019-3ee6a7adf2)
Version 2.8.50 2019-04-17 - security cve-2019-10910 DI Check service IDs are valid nicolas-grekas - security cve-2019-10909 FrameworkBundleForm Fix XSS issues in the form theme of the PHP templating engine stof - security cve-2019-10912 PHPUnit Bridge Prevent destructors with side-effects from...
CVE-2019-10913: Reject invalid HTTP method overrides
Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony HttpFoundation component are affected by this security issue. The issue has been fixed in Symfony 2.7.51, 2.8.50, 3.4.26, 4.1.12 and 4.2.7. Note that no fixes ar...
CVE-2019-10912: Prevent destructors with side-effects from being unserialized
Affected versions Symfony 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony Cache component are affected by this security issue. The issue has been fixed in Symfony 2.8.50, 3.4.26, 4.1.12 and 4.2.7. Note that no fixes are provided for Symfony 3.0, 3.1,...
CVE-2019-10910: Check service IDs are valid
Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony Dependency Injection component are affected by this security issue. The issue has been fixed in Symfony 2.7.51, 2.8.50, 3.4.26, 4.1.12 and 4.2.7. Note that no...
CVE-2018-19789: Disclosure of uploaded files full path
Affected versions Symfony 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19, 4.0.0 to 4.0.14, 4.1.0 to 4.1.8 and 4.2.0 versions of the Symfony Form component are affected by this security issue. The issue has been fixed in Symfony 2.7.50, 2.8.49, 3.4.20, 4.0.15, 4.1.9 and 4.2.1. Note that no fixe...
CVE-2018-11386: Denial of service when using PDOSessionHandler
Affected versions Symfony 2.7.0 to 2.7.47, 2.8.0 to 2.8.40, 3.3.0 to 3.3.16, 3.4.0 to 3.4.10, and 4.0.0 to 4.0.10 versions of the Symfony http-foundation component are affected by this security issue. The issue has been fixed in Symfony 2.7.48, 2.8.41, 3.3.17, 3.4.11, and 4.0.11. 4.1.0 has also...