CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51996 – Symphony has an Authentication Bypass via RememberMe
https://notcve.org/view.php?id=CVE-2024-51996
13 Nov 2024 — Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass. This vulnerability is fixed in 5.4.47, 6.4.15, and 7.1.8. Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this issue to obtain sensitive inform... • https://github.com/symfony/symfony/commit/81354d392c5f0b7a52bcbd729d6f82501e94135a • CWE-287: Improper Authentication CWE-289: Authentication Bypass by Alternate Name •
CVSS: 7.5EPSS: 74%CPEs: 3EXPL: 1CVE-2024-50340 – Ability to change environment from query in symfony/runtime
https://notcve.org/view.php?id=CVE-2024-50340
06 Nov 2024 — symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request. As of versions 5.4.46, 6.4.14, and 7.1.7 the `SymfonyRuntime` now ignores the `argv` values for non-SAPI PHP runtimes. All users are advised to upgrade. There are no known... • https://github.com/Nyamort/CVE-2024-50340 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50341 – Security::login does not take into account custom user_checker in symfony/security-bundle
https://notcve.org/view.php?id=CVE-2024-50341
06 Nov 2024 — symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom `user_checker` defined on a firewall is not called when Login Programmaticaly with the `Security::login` method, leading to unwanted login. As of versions 6.4.10, 7.0.10 and 7.1.3 the `Security::login` method now ensure to call the configured `user_checker`. All users are advised to upgrade. There are no known workarounds for this v... • https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105 • CWE-287: Improper Authentication •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50342 – Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client
https://notcve.org/view.php?id=CVE-2024-50342
06 Nov 2024 — symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this ... • https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50343 – Incorrect response from Validator when input ends with `\n` in symfony/validator
https://notcve.org/view.php?id=CVE-2024-50343
06 Nov 2024 — symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a regular expression using the `$` metacharacters, with an input ending with `\n`. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the `D` regex modifier to match the entire input. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f • CWE-20: Improper Input Validation •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50345 – Open redirect via browser-sanitized URLs in symfony/http-foundation
https://notcve.org/view.php?id=CVE-2024-50345
06 Nov 2024 — symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.... • https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51736 – Command execution hijack on Windows with Process class in symfony/process
https://notcve.org/view.php?id=CVE-2024-51736
06 Nov 2024 — Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing command arguments, leading to possible hijacking. This issue has been addressed in release versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46735 – Symfony potential Cross-site Scripting in WebhookController
https://notcve.org/view.php?id=CVE-2023-46735
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response. Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de la versión 6.0.0 y anteriores a la versión 6.3.8, el m... • https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-46734 – Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
https://notcve.org/view.php?id=CVE-2023-46734
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters. Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir d... • https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46733 – Symfony possible session fixation vulnerability
https://notcve.org/view.php?id=CVE-2023-46733
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (p... • https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9 • CWE-384: Session Fixation •