AddToAny

Share this

 

News

11/06/2024 - 20:50

Twig CVE-2024-51754: Unguarded calls to __toString() in a sandbox when an object is in an array or an argument list

Affected versions

Twig versions <3.11.2; >=3.12,<3.14.1 are affected by this security issue.

The issue has been fixed in Twig 3.11.2 and 3.14.1.
Note that Twig versions 1 and 2 are not maintained anymore and are vulnerable.

Description

In a sandbox, an attacker can call __toString() on an object even if the __toString() method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance).




11/06/2024 - 12:05

CVE-2024-50340: Ability to change environment from query

Affected versions

Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony Runtime component are affected by this security issue.

The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.

Description

When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request.




11/06/2024 - 12:05

CVE-2024-51736: Command execution hijack on Windows with Process class

Affected versions

Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony Process component are affected by this security issue.

The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.

Description

On Window, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijacking.

Resolution

The Process class now uses the absolute path to cmd.exe.




11/06/2024 - 12:05

CVE-2024-50341: Security::login does not take into account custom user_checker

Affected versions

Symfony versions >=6.2, <6.4.10; >=7.0, <7.0.10; >=7.1, <7.1.3 of the Symfony SecurityBundle component are affected by this security issue.

The issue has been fixed in Symfony 6.4.10, 7.0.10, and 7.1.3.

Description

The custom user_checker defined on a firewall is not called when Login Programmaticaly with the Security::login method, leading to unwanted login.

Resolution

The Security::login method now ensure to call the configured user_checker.




11/06/2024 - 12:05

CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

Affected versions

Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony HttpClient component are affected by this security issue.

The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.

Description

When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration.

Resolution

The NoPrivateNetworkHttpClient now filters blocked IPs earlier to prevent such leaks.




11/06/2024 - 12:05

CVE-2024-50343: Incorrect response from Validator when input ends with `\n`

Affected versions

Symfony versions <5.4.43; >=6, <6.4.11; >=7, <7.1.4 of the Symfony Validator component are affected by this security issue.

The issue has been fixed in Symfony 5.4.43, 6.4.11, and 7.1.4.

Description

It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n.

Resolution

Symfony now uses the D regex modifier to match the entire input.




11/05/2024 - 19:02

WordPress 6.7 Release Candidate 3

The third release candidate (RC3) for WordPress 6.7 is ready for download and testing!

This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC3 on a test server and site.




11/05/2024 - 14:45

First Public Working Draft: Web Audio API 1.1

The Audio Working Group has published a First Public Working Draft of Web Audio API 1.1. This specification describes a high-level Web API for processing and synthesizing audio in web applications.