USN-4836-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-4836-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4836-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4836-1
Related
Published
2021-03-15T22:18:44.416064Z
Modified
2021-03-15T22:18:44.416064Z
Summary
symfony vulnerability
Details

It was discovered that Symfony through the HttpFoundation component allowed unauthorized access on a misconfigured LDAP server. A remote attacker could use this vulnerability to gain unauthorized access.

References

Affected packages

Ubuntu:Pro:18.04:LTS / symfony

Package

Name
symfony

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.6+dfsg-1ubuntu0.1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "php-symfony-framework-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-monolog-bridge": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security-guard": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-serializer": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-asset": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-browser-kit": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-yaml": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-web-link": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-class-loader": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-property-info": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-console": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-ldap": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-debug-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-doctrine-bridge": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-form": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-workflow": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-expression-language": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-options-resolver": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-debug": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-dependency-injection": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-proxy-manager-bridge": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-property-access": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-finder": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-twig-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-stopwatch": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-intl": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-twig-bridge": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-validator": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-event-dispatcher": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-http-foundation": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-cache": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-inflector": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-web-server-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-lock": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-translation": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-routing": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security-core": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-templating": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-filesystem": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-process": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security-csrf": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-dom-crawler": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-css-selector": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-http-kernel": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-security-http": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-var-dumper": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-dotenv": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-phpunit-bridge": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-web-profiler-bundle": "3.4.6+dfsg-1ubuntu0.1+esm1",
            "php-symfony-config": "3.4.6+dfsg-1ubuntu0.1+esm1"
        }
    ]
}