CVE-2024-50342

06.11.2024, 21:15

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. As of versions 5.4.46, 6.4.14, and 7.1.7 the `NoPrivateNetworkHttpClient` now filters blocked IPs earlier to prevent such leaks. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	3.1 LOW	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
GitHub_M	CNA	3.1 LOW	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Debian Releases

Debian Product

Codename

symfony

bullseye	vulnerable
bookworm	5.4.23+dfsg-1+deb12u4 fixed
bookworm (security)	5.4.23+dfsg-1+deb12u4 fixed
sid	6.4.21+dfsg-2 fixed
trixie	6.4.21+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

symfony

plucky	needs-triage
oracular	needs-triage
noble	Fixed 6.4.5+dfsg-3ubuntu3+esm1 released
jammy	Fixed 5.4.4+dfsg-1ubuntu8+esm1 released
focal	needs-triage
bionic	not-affected
xenial	not-affected

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b

https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm