Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-41267

Опубликовано: 24 нояб. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the X-Forwarded-Prefix headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a X-Forwarded-Prefix header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the X-Forwarded-Prefix header is not forwarded to subrequests when it is not trusted.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

5.3.12
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

5.3.12
esm-apps/noble

not-affected

5.3.12
esm-apps/xenial

not-affected

code not present
focal

not-affected

code not present
hirsute

ignored

end of life
impish

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 63%
0.00462
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-41267

CVSS3: 6.5
nvd
больше 3 лет назад

Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.

debian логотип

CVE-2021-41267

CVSS3: 6.5
debian
больше 3 лет назад

Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP fr ...

github логотип

GHSA-q3j3-w37x-hq2q

CVSS3: 6.5
github
больше 3 лет назад

Webcache Poisoning in symfony/http-kernel

EPSS

Процентиль: 63%
0.00462
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3