Exceptions displayed in non-debug configurations in Symfony

Description ----------- When ErrorHandler renders an exception HTML page, it uses un-escaped properties from the related Exception class to render the stacktrace. The security issue comes from the fact that the stacktraces were also displayed in non-debug environments. Resolution ---------- The...

GHSA-M884-279H-32V2 Exceptions displayed in non-debug configurations in Symfony

Description ----------- When ErrorHandler renders an exception HTML page, it uses un-escaped properties from the related Exception class to render the stacktrace. The security issue comes from the fact that the stacktraces were also displayed in non-debug environments. Resolution ---------- The...

CVE-2020-5274

In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the...

CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler

Affected versions Symfony 4.4.0 to 4.4.3 and 5.0.0 to 5.0.4 versions of the Symfony ErrorHandler component are affected by this security issue. The issue has been fixed in Symfony 4.4.4 and 5.0.4. Description When ErrorHandler renders an exception HTML page, it uses un-escaped properties from the...

PT-2020-18364 · Symfony · Symfony +1

Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 4.4.5 and 5.0.5 symfony/http-foundation versions prior to 4.4.5 and 5.0.5 Description: The issue arises from the ErrorHandler rendering unescaped properties of the Exception class when displaying the stacktrace, whic...

libavif:avif_decode_fuzzer: Null-dereference READ with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5645512985542656 Project: libavif Fuzzing Engine: libFuzzer Fuzz Target: avifdecodefuzzer Job Type: libfuzzerasanlibavif Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: NULL Sanitizer: address ASAN...

dav1d:dav1d_fuzzer: Null-dereference READ with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5687738131283968 Project: dav1d Fuzzing Engine: libFuzzer Fuzz Target: dav1dfuzzer Job Type: libfuzzerasani386dav1d Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x00000000 Crash State: NULL Sanitizer: address ASAN Crash...

golang-protobuf:wirefuzz: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5652073511387136 Project: golang-protobuf Fuzzing Engine: libFuzzer Fuzz Target: wirefuzz Job Type: libfuzzerasangolang-protobuf Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0000059044a4 Crash State: NULL Sanitizer: address ASAN...

skia:api_skdescriptor: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5755812456955904 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: apiskdescriptor Job Type: libfuzzermsanskia Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000004050020 Crash State: NULL Sanitizer: memory MSAN Recommended...

wasmtime:api_calls: Crash with empty stacktrace

Project: https://github.com/bytecodealliance/wasmtime.git Detailed Report: https://oss-fuzz.com/testcase?key=5069880397398016 Project: wasmtime Fuzzing Engine: libFuzzer Fuzz Target: apicalls Job Type: libfuzzerasanwasmtime Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x7f52f0071d5...

Mail.ru: [sso.33slona.ru] Application Messages Error stacktrace PHP.

Sensitive configuration information was disclosed via verbose stack trace in web application...

CVE-2017-2594

hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...

CVE-2017-2594

hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...

RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow

Exploit Title: Buffer-overflow in RSVG while converting a malformed svg Date: 17 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Software Link: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Version: Ubuntu: 2.40.13 Defaul...

hawtio: information Disclosure flaws due to unsafe path traversal

It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...

Starbucks: DOM-based XSS in store.starbucks.co.uk on IE 11

We've found DOM XSS on store.starbucks.co.uk and other related domains such as store.starbucks.fr and store.starbucks.ca. It appears to be a JQuery based DOM XSS in the parseHTML sink. In order to trigger the XSS you need to use IE11 and the PoC will visit the url first, wait 5 seconds and then...

GNU binutils - aarch64_ext_ldst_reglist Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21595 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - disassemble_bytes Heap Overflow

GNU binutils - disassemblebytes Heap Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21580 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - ieee_object_p Stack Buffer Overflow

GNU binutils - ieeeobjectp Stack Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - print_insn_score16 Buffer Overflow

GNU binutils - printinsnscore16 Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21576 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...