CVE-2024-50345

06.11.2024, 21:15

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the `Request` class to redirect users to another domain. The `Request::create` methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Open Redirect

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	3.1 LOW	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
GitHub_M	CNA	3.1 LOW	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 20%

Debian Releases

Debian Product

Codename

symfony

bullseye	vulnerable
bookworm	5.4.23+dfsg-1+deb12u4 fixed
bookworm (security)	5.4.23+dfsg-1+deb12u4 fixed
sid	6.4.21+dfsg-2 fixed
trixie	6.4.21+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

symfony

plucky	needs-triage
oracular	needs-triage
noble	Fixed 6.4.5+dfsg-3ubuntu3+esm1 released
jammy	Fixed 5.4.4+dfsg-1ubuntu8+esm1 released
focal	Fixed 4.3.8+dfsg-1ubuntu1+esm2 released
bionic	needed
xenial	needed

Common Weakness Enumeration

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References

https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp

https://url.spec.whatwg.org