Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:101150
[Rus]
Version
5
Class
patch
ALTXid
282412
Language
English
Severity
Critical
Title
DSA-4441-1 -- symfony -- security update
Description
Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure,
open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution.
Family
unix
Platform
Debian 9
Product
symfony
Reference
VENDOR: DSA-4441-1
VENDOR: DSA-4441-1
Id:
DSA-4441-1
Reference:
https://www.debian.org/security/dsa-4441
CVE: CVE-2018-14773
CVE: CVE-2018-14773
Id:
CVE-2018-14773
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
Comment
: An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
CVSSv2 Score:
4
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
SINGLE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
HIGH
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:
https://www.drupal.org/SA-CORE-2018-005 (CONFIRM)
https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers (CONFIRM)
https://github.com/symfony/symfony/commit/e447e8b92148ddb3d1956b96638600ec95e08f6b (CONFIRM)
1041405 (SECTRACK)
104943 (BID)
[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update (MLIST)
DSA-4441 (DEBIAN)
20190510 [SECURITY] [DSA 4441-1] symfony security update (BUGTRAQ)
CVE: CVE-2018-19789
CVE: CVE-2018-19789
Id:
CVE-2018-19789
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
Comment
: An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's the `data_class` of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then `UploadedFile::__toString()` is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSSv3 Score:
5.3
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
LOW
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE:
434 (Unrestricted Upload of File with Dangerous Type)
References:
https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path (CONFIRM)
106249 (BID)
[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update (MLIST)
DSA-4441 (DEBIAN)
20190510 [SECURITY] [DSA 4441-1] symfony security update (BUGTRAQ)
FEDORA-2018-8c06b6defd ()
FEDORA-2018-66547a8c14 ()
FEDORA-2018-6edf04d9d6 ()
CVE: CVE-2018-19790
CVE: CVE-2018-19790
Id:
CVE-2018-19790
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
Comment
: An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.
CVSSv2 Score:
5.8
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSSv3 Score:
6.1
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
CHANGED
Confidentiality impact:
LOW
Integrity impact:
LOW
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE:
601 (URL Redirection to Untrusted Site ('Open Redirect'))
References:
https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http (CONFIRM)
106249 (BID)
[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update (MLIST)
DSA-4441 (DEBIAN)
20190510 [SECURITY] [DSA 4441-1] symfony security update (BUGTRAQ)
FEDORA-2018-8c06b6defd ()
FEDORA-2018-66547a8c14 ()
FEDORA-2018-6edf04d9d6 ()
CVE: CVE-2019-10909
CVE: CVE-2019-10909
Id:
CVE-2019-10909
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
Comment
: In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.
CVSSv2 Score:
3.5
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
SINGLE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSSv3 Score:
5.4
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
REQUIRED
Scope:
CHANGED
Confidentiality impact:
LOW
Integrity impact:
LOW
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CWE:
79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References:
https://www.drupal.org/sa-core-2019-005 (MISC)
https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine (CONFIRM)
https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2 (CONFIRM)
https://www.synology.com/security/advisory/Synology_SA_19_19 (CONFIRM)
CVE: CVE-2019-10910
CVE: CVE-2019-10910
Id:
CVE-2019-10910
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
Comment
: In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score:
9.8
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
References:
https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid (CONFIRM)
https://github.com/symfony/symfony/commit/d2fb5893923292a1da7985f0b56960b5bb10737b (CONFIRM)
https://www.synology.com/security/advisory/Synology_SA_19_19 (CONFIRM)
CVE: CVE-2019-10911
CVE: CVE-2019-10911
Id:
CVE-2019-10911
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
Comment
: In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security.
CVSSv2 Score:
6
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
SINGLE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSSv3 Score:
7.5
Attack vector:
NETWORK
Attack complexity:
HIGH
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE:
287 (Improper Authentication)
References:
https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash (CONFIRM)
https://github.com/symfony/symfony/commit/a29ce2817cf43bb1850cf6af114004ac26c7a081 (CONFIRM)
https://www.synology.com/security/advisory/Synology_SA_19_19 (CONFIRM)
CVE: CVE-2019-10912
CVE: CVE-2019-10912
Id:
CVE-2019-10912
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
Comment
: In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.
CVSSv2 Score:
6.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
SINGLE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSSv3 Score:
7.1
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
LOW
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
LOW
Integrity impact:
HIGH
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
CWE:
502 (Deserialization of Untrusted Data)
References:
https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized (CONFIRM)
https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b (CONFIRM)
20190510 [SECURITY] [DSA 4441-1] symfony security update (BUGTRAQ)
DSA-4441 (DEBIAN)
https://typo3.org/security/advisory/typo3-core-sa-2019-016/ (CONFIRM)
FEDORA-2019-0ef4149687 ()
FEDORA-2019-f5d6a7ce74 ()
FEDORA-2019-2a7f472198 ()
FEDORA-2019-8635280de5 ()
FEDORA-2019-3ee6a7adf2 ()
FEDORA-2019-a3ca65028c ()
FEDORA-2019-f8db687840 ()
FEDORA-2019-32067d8b15 ()
CVE: CVE-2019-10913
CVE: CVE-2019-10913
Id:
CVE-2019-10913
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
Comment
: In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score:
9.8
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References:
https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides (CONFIRM)
https://github.com/symfony/symfony/commit/944e60f083c3bffbc6a0b5112db127a10a66a8ec (CONFIRM)
Content available only for registered users!
ovaldb@altx-soft.com