CVE-2019-10912 - Deserialization of Untrusted Data vulnerability in Sensiolabs Symfony
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: LOW
- Confidentiality impact: LOW
- Integrity impact: HIGH
- Availability impact: NONE

Summary
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.
Nessus
- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-8635280DE5.NASL
  - description: **Version 3.4.26** (2019-04-17)
    - bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (vermeirentony)
    - bug #31142 Revert
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124514
  - published: 2019-05-02
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124514
  - title: Fedora 30 : php-symfony3 (2019-8635280de5)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-A3CA65028C.NASL
  - description: **Version 3.4.26** (2019-04-17)
    - bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (vermeirentony)
    - bug #31142 Revert
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124351
  - published: 2019-04-29
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124351
  - title: Fedora 29 : php-symfony3 (2019-a3ca65028c)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-0EF4149687.NASL
  - description: **Version 2.8.50** (2019-04-17)
    - security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)
    - security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof)
    - security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas)
    - security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)
    - security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)

    Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124471
  - published: 2019-05-02
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124471
  - title: Fedora 30 : php-symfony (2019-0ef4149687)

- NASL family: Debian Local Security Checks
  - NASL id: DEBIAN_DSA-4441.NASL
  - description: Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124779
  - published: 2019-05-13
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124779
  - title: Debian DSA-4441-1 : symfony - security update

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-32067D8B15.NASL
  - description: **Version 4.1.12** (2019-04-17)
    - security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)
    - security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof)
    - security #cve-2019-10912 [Cache][PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas)
    - security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)
    - security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)

    Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124348
  - published: 2019-04-29
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124348
  - title: Fedora 29 : php-symfony4 (2019-32067d8b15)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-2A7F472198.NASL
  - description: **Version 3.4.26** (2019-04-17)
    - bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (vermeirentony)
    - bug #31142 Revert
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124347
  - published: 2019-04-29
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124347
  - title: Fedora 28 : php-symfony3 (2019-2a7f472198)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-F5D6A7CE74.NASL
  - description: **Version 4.2.7** (2019-04-17)
    - bug #31107 [Routing] fix trailing slash redirection with non-greedy trailing vars (nicolas-grekas)
    - bug #31108 [FrameworkBundle] decorate the ValidatorBuilder
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124556
  - published: 2019-05-02
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124556
  - title: Fedora 30 : php-symfony4 (2019-f5d6a7ce74)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-F8DB687840.NASL
  - description: **Version 2.8.50** (2019-04-17)
    - security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)
    - security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof)
    - security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas)
    - security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)
    - security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)

    Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124352
  - published: 2019-04-29
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124352
  - title: Fedora 29 : php-symfony (2019-f8db687840)

- NASL family: FreeBSD Local Security Checks
  - NASL id: FREEBSD_PKG_5E35CFBA999411E9B07FDF5ABF8B84D6.NASL
  - description: TYPO3 news : Please read the corresponding Security Advisories for details.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 126365
  - published: 2019-07-01
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/126365
  - title: FreeBSD : TYPO3 -- multiple vulnerabilities (5e35cfba-9994-11e9-b07f-df5abf8b84d6)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2019-3EE6A7ADF2.NASL
  - description: **Version 2.8.50** (2019-04-17)
    - security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)
    - security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof)
    - security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas)
    - security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)
    - security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)

    Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 124349
  - published: 2019-04-29
  - reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/124349
  - title: Fedora 28 : php-symfony (2019-3ee6a7adf2)

References
- https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
- https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b
- https://seclists.org/bugtraq/2019/May/21
- https://www.debian.org/security/2019/dsa-4441
- https://typo3.org/security/advisory/typo3-core-sa-2019-016/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/