FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support is enabled, does not check whether the controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /fragment.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "php-symfony-asset", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-browser-kit", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-class-loader", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-config", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-console", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-css-selector", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-debug", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-debug-bundle", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-dependency-injection", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-doctrine-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-dom-crawler", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-event-dispatcher", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-expression-language", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-filesystem", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-finder", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-form", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-framework-bundle", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-http-foundation", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-http-kernel", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-intl", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-locale", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-monolog-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-options-resolver", "binary_version": "2.7.10-0ubuntu2" }, { 
"binary_name": "php-symfony-phpunit-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-process", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-property-access", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-proxy-manager-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-routing", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-security", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-security-bundle", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-serializer", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-stopwatch", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-swiftmailer-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-templating", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-translation", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-twig-bridge", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-twig-bundle", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-validator", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-var-dumper", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-web-profiler-bundle", "binary_version": "2.7.10-0ubuntu2" }, { "binary_name": "php-symfony-yaml", "binary_version": "2.7.10-0ubuntu2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "php-symfony", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-asset", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-browser-kit", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-cache", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-class-loader", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-config", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-console", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-css-selector", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-debug", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-debug-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-dependency-injection", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-doctrine-bridge", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-dom-crawler", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-dotenv", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-event-dispatcher", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-expression-language", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-filesystem", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-finder", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-form", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-framework-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-http-foundation", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-http-kernel", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-inflector", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-intl", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": 
"php-symfony-ldap", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-lock", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-monolog-bridge", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-options-resolver", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-phpunit-bridge", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-process", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-property-access", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-property-info", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-proxy-manager-bridge", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-routing", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security-core", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security-csrf", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security-guard", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-security-http", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-serializer", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-stopwatch", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-templating", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-translation", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-twig-bridge", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-twig-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-validator", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-var-dumper", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-web-link", "binary_version": "3.4.6+dfsg-1" }, { 
"binary_name": "php-symfony-web-profiler-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-web-server-bundle", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-workflow", "binary_version": "3.4.6+dfsg-1" }, { "binary_name": "php-symfony-yaml", "binary_version": "3.4.6+dfsg-1" } ] }