5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.2%
Symfony 4.4.0 to 4.4.3 and 5.0.0 to 5.0.4 versions of the Symfony ErrorHandler component are affected by this security issue.
The issue has been fixed in Symfony 4.4.4 and 5.0.4.
When ErrorHandler
renders an exception HTML page, it uses un-escaped properties from the related Exception class to render the stacktrace. The security issue comes from the fact that the stacktraces were also displayed in non-debug
environments.
The ErrorHandler
class now escapes all properties coming from the related Exception, and the stacktrace is not displayed anymore in non-debug
environments.
The patches for this issue are available here and here for 4.4 branch.
I would like to thank Luka Sikic for reporting & Yonel Ceruto and JΓ©rΓ©my DerussΓ© for fixing the issue.
Log in to add a reaction to this post
add a reaction β€οΈ π π
Published in #Security Advisories
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.2%