CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51996 – Symphony has an Authentication Bypass via RememberMe
https://notcve.org/view.php?id=CVE-2024-51996
13 Nov 2024 — Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass. This vulnerability is fixed in 5.4.47, 6.4.15, and 7.1.8. Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this issue to obtain sensitive inform... • https://github.com/symfony/symfony/commit/81354d392c5f0b7a52bcbd729d6f82501e94135a • CWE-287: Improper Authentication CWE-289: Authentication Bypass by Alternate Name •
CVSS: 7.5EPSS: 74%CPEs: 3EXPL: 1CVE-2024-50340 – Ability to change environment from query in symfony/runtime
https://notcve.org/view.php?id=CVE-2024-50340
06 Nov 2024 — symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request. As of versions 5.4.46, 6.4.14, and 7.1.7 the `SymfonyRuntime` now ignores the `argv` values for non-SAPI PHP runtimes. All users are advised to upgrade. There are no known... • https://github.com/Nyamort/CVE-2024-50340 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50341 – Security::login does not take into account custom user_checker in symfony/security-bundle
https://notcve.org/view.php?id=CVE-2024-50341
06 Nov 2024 — symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. As of versions 6.4.10, 7.0.10 and 7.1.3 the `Security::login` method now ensure to call the configured `user_checker`. All users are advised to upgrade. There are no known workarounds for this v... • https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105 • CWE-287: Improper Authentication •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50342 – Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client
https://notcve.org/view.php?id=CVE-2024-50342
06 Nov 2024 — symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this ... • https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50343 – Incorrect response from Validator when input ends with `\n` in symfony/validator
https://notcve.org/view.php?id=CVE-2024-50343
06 Nov 2024 — symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a regular expression using the `$` metacharacters, with an input ending with `\n`. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the `D` regex modifier to match the entire input. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f • CWE-20: Improper Input Validation •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50345 – Open redirect via browser-sanitized URLs in symfony/http-foundation
https://notcve.org/view.php?id=CVE-2024-50345
06 Nov 2024 — symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.... • https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51736 – Command execution hijack on Windows with Process class in symfony/process
https://notcve.org/view.php?id=CVE-2024-51736
06 Nov 2024 — Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing command arguments, leading to possible hijacking. This issue has been addressed in release versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •