Open Redirect Affecting symfony/security-http package, versions >=2.7.0, <2.7.38 >=2.8.0, <2.8.31 >=3, <3.1.0 >=3.1.0, <3.2.0 >=3.2.0, <3.2.14 >=3.3.0, <3.3.13 >=3.4-BETA0, <3.4-BETA5 >=4.0-BETA0, <4.0-BETA5


0.0
medium

Snyk CVSS

    Attack Complexity Low
    User Interaction Required
    Scope Changed

    Threat Intelligence

    EPSS 0.1% (41st percentile)
Expand this section
NVD
6.1 medium

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-PHP-SYMFONYSECURITYHTTP-70382
  • published 4 Dec 2017
  • disclosed 17 Nov 2017
  • credit Stefano Angaran

How to fix?

Upgrade symfony/security-http to versions 2.7.38, 2.8.31, 3.1.0, 3.2.0, 3.2.14, 3.3.13 higher.

Overview

Affected versions of symfony/security-http are vulnerable to Open Redirect.

DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler take the content of the _target_path parameter and generate a redirect response but no check is performed on the path, which could be an absolute URL to an external domain, opening redirect vulnerability.