GHSA-83c3-qx27-2rwr
Suggest an improvement- Source
- https://github.com/advisories/GHSA-83c3-qx27-2rwr
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-83c3-qx27-2rwr/GHSA-83c3-qx27-2rwr.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-83c3-qx27-2rwr
- Aliases
-
- CVE-2012-6431
- Published
- 2022-05-17T05:17:03Z
- Modified
- 2024-12-03T06:08:10.253084Z
- Summary
- Symfony Allows URI Restrictions Bypass Via Double-Encoded String
- Details
-
On the Symfony 2.0.x version, there's a security issue that allows access to routes protected by a firewall even when the user is not logged in.
Both the Routing component and the Security component uses the path returned by
getPathInfo()to match a Request. ThegetPathInfo()returns a decoded path, but the Routing component (Symfony\Component\Routing\Matcher\UrlMatcher) decodes the path a second time; whereas the Security component,Symfony\Component\HttpFoundation\RequestMatcher, does not.This difference causes Symfony 2.0 to be vulnerable to double encoding attacks.
- Database specific
{ "nvd_published_at": "2012-12-27T11:47:00Z", "cwe_ids": [ "CWE-287" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-08-15T23:43:25Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2012-6431
- https://github.com/symfony/symfony/commit/55014a6841bec50046e8329a4835c160ac31a496
- https://github.com/symfony/symfony/commit/8b2c17f80377582287a78e0b521497e039dd6b0d
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2012-6431.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/routing/CVE-2012-6431.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2012-6431.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2012-6431.yaml
- https://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released
- http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released
Affected packages
Packagist / symfony/http-foundation
Package
- Name
- symfony/http-foundation
- Purl
- pkg:composer/symfony/http-foundation
Packagist / symfony/routing
Package
- Name
- symfony/routing
- Purl
- pkg:composer/symfony/routing
Packagist / symfony/security
Package
- Name
- symfony/security
- Purl
- pkg:composer/symfony/security
Packagist / symfony/symfony
Package
- Name
- symfony/symfony
- Purl
- pkg:composer/symfony/symfony