facade/ignition-2.3.7: 4 vulnerabilities (highest severity is: 9.8) #12
Description
Vulnerable Library - facade/ignition-2.3.7
A beautiful error page for Laravel applications.
Library home page: https://github.com/api/repos/facade/ignition/zipball/b364db8860a63c1fb58b72b9718863c21df08762
Found in HEAD commit: c84aace76ec3ee3adbeb9350245a685969209ed1
Vulnerabilities
| Vulnerability | Severity |  CVSS |
Dependency | Type | Fixed in (facade/ignition version) | Remediation Possible** |
|---|---|---|---|---|---|---|
| CVE-2021-3129 |  Critical |
9.8 | facade/ignition-2.3.7 | Direct | 2.5.2 | ❌ |
| CVE-2024-28859 |  Medium |
5.0 | swiftmailer/swiftmailer-v6.2.3 | Transitive | N/A* | ❌ |
| CVE-2024-50345 |  Low |
3.1 | symfony/http-foundation-v5.1.5 | Transitive | N/A* | ❌ |
| CVE-2024-51736 | Low |
0.0 | symfony/process-v5.1.5 | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2021-3129
Vulnerable Library - facade/ignition-2.3.7
A beautiful error page for Laravel applications.
Library home page: https://github.com/api/repos/facade/ignition/zipball/b364db8860a63c1fb58b72b9718863c21df08762
Dependency Hierarchy:
- ❌ facade/ignition-2.3.7 (Vulnerable Library)
Found in HEAD commit: c84aace76ec3ee3adbeb9350245a685969209ed1
Found in base branch: main
Vulnerability Details
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Publish Date: 2021-01-12
URL: CVE-2021-3129
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3129
Release Date: 2021-01-12
Fix Resolution: 2.5.2
CVE-2024-28859
Vulnerable Library - swiftmailer/swiftmailer-v6.2.3
Swiftmailer, free feature-rich PHP mailer
Library home page: https://github.com/api/repos/swiftmailer/swiftmailer/zipball/149cfdf118b169f7840bbe3ef0d4bc795d1780c9
Dependency Hierarchy:
- facade/ignition-2.3.7 (Root Library)
- monolog/monolog-2.1.1
- ❌ swiftmailer/swiftmailer-v6.2.3 (Vulnerable Library)
- monolog/monolog-2.1.1
Found in HEAD commit: c84aace76ec3ee3adbeb9350245a685969209ed1
Found in base branch: main
Vulnerability Details
Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer unserialize user input in his project. This vulnerability present no direct threat but is a vector that will enable remote code execution if a developper deserialize user untrusted data. Symfony 1 depends on Swift Mailer which is bundled by default in vendor directory in the default installation since 1.3.0. Swift Mailer classes implement some "__destruct()" methods. These methods are called when php destroys the object in memory. However, it is possible to include any object type in "$this->_keys" to make PHP access to another array/object properties than intended by the developer. In particular, it is possible to abuse the array access which is triggered on foreach($this->_keys ...) for any class implementing ArrayAccess interface. This may allow an attacker to execute any PHP command which leads to remote code execution. This issue has been addressed in version 1.5.18. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Publish Date: 2024-03-15
URL: CVE-2024-28859
CVSS 3 Score Details (5.0)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: Low
CVE-2024-50345
Vulnerable Library - symfony/http-foundation-v5.1.5
Symfony HttpFoundation Component
Library home page: https://github.com/api/repos/symfony/http-foundation/zipball/41a4647f12870e9d41d9a7d72ff0614a27208558
Dependency Hierarchy:
- facade/ignition-2.3.7 (Root Library)
- facade/flare-client-php-1.3.5
- ❌ symfony/http-foundation-v5.1.5 (Vulnerable Library)
- facade/flare-client-php-1.3.5
Found in HEAD commit: c84aace76ec3ee3adbeb9350245a685969209ed1
Found in base branch: main
Vulnerability Details
symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The "Request" class, does not parse URI with special characters the same way browsers do. As a result, an attacker can trick a validator relying on the "Request" class to redirect users to another domain. The "Request::create" methods now assert the URI does not contain invalid characters as defined by https://url.spec.whatwg.org/. This issue has been patched in versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Publish Date: 2024-11-06
URL: CVE-2024-50345
CVSS 3 Score Details (3.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: GHSA-mrqx-rp3w-jpjp
Release Date: 2024-11-06
Fix Resolution: symfony/http-foundation - v5.4.46,v6.4.14,v7.1.7
CVE-2024-51736
Vulnerable Library - symfony/process-v5.1.5
Symfony Process Component
Library home page: https://github.com/api/repos/symfony/process/zipball/1864216226af21eb76d9477f691e7cbf198e0402
Dependency Hierarchy:
- facade/ignition-2.3.7 (Root Library)
- symfony/console-v5.1.5
- ❌ symfony/process-v5.1.5 (Vulnerable Library)
- symfony/console-v5.1.5
Found in HEAD commit: c84aace76ec3ee3adbeb9350245a685969209ed1
Found in base branch: main
Vulnerability Details
Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named "cmd.exe" is located in the current working directory it will be called by the "Process" class when preparing command arguments, leading to possible hijacking. This issue has been addressed in release versions 5.4.46, 6.4.14, and 7.1.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Publish Date: 2024-11-06
URL: CVE-2024-51736
CVSS 3 Score Details (0.0)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Release Date: 2024-11-06
Fix Resolution: symfony/process - v5.4.46,v6.4.14,v7.1.7