UBUNTU-CVE-2018-19789

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2018-19789

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19789.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2018-19789

Related

CVE-2018-19789

Published

2018-12-18T22:29:00Z

Modified

2024-10-15T14:06:36Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint string in a setter method (e.g. setName(string $name)) of a class that's the data_class of a form, and when a file upload is submitted to the corresponding field instead of a normal text input, then UploadedFile::__toString() is called which will then return and disclose the path of the uploaded file. If combined with a local file inclusion issue in certain circumstances this could escalate it to a Remote Code Execution.

References

Affected packages

Ubuntu:Pro:16.04:LTS / symfony

Package

Name: symfony
Purl: pkg:deb/ubuntu/symfony?arch=src?distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.1+dfsg-1

2.7.5+dfsg-1

2.7.9+dfsg-1

2.7.9+dfsg-1ubuntu2

2.7.10-0ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / symfony

Package

Name: symfony
Purl: pkg:deb/ubuntu/symfony?arch=src?distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.8.7+dfsg-1.3ubuntu1

3.*

3.4.3+dfsg-1ubuntu4

3.4.6+dfsg-1

3.4.6+dfsg-1ubuntu0.1

3.4.6+dfsg-1ubuntu0.1+esm1

3.4.6+dfsg-1ubuntu0.1+esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}