GHSA-G5VJ-WJ9X-4JG9

Vulnerability from github – Published: 2024-05-29 18:53 – Updated: 2024-05-29 18:53
VLAI
Summary
symbiote/silverstripe-multivaluefield Possible PHP Object Injection via Multi-Value Field Extension
Details

A potential deserialisation vulnerability has been identified in the symbiote/silverstripe-multivaluefield which could allow an attacker to exploit implementations of this module via object injection.

Support for handling PHP objects as values in this module has been deprecated, and the serialisation technique has been switched to using JSON for handling arrays.

As well as this, a potential XSS (cross-site scripting) vulnerability has been identified and remediated.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symbiote/silverstripe-multivaluefield"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-74",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-29T18:53:48Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "A potential deserialisation vulnerability has been identified in the symbiote/silverstripe-multivaluefield which could allow an attacker to exploit implementations of this module via object injection.\n\nSupport for handling PHP objects as values in this module has been deprecated, and the serialisation technique has been switched to using JSON for handling arrays.\n\nAs well as this, a potential XSS (cross-site scripting) vulnerability has been identified and remediated.",
  "id": "GHSA-g5vj-wj9x-4jg9",
  "modified": "2024-05-29T18:53:48Z",
  "published": "2024-05-29T18:53:48Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/symbiote/silverstripe-multivaluefield/commit/31fbc8c208431fc7d7e96da6fa39ca057d978953"
    },
    {
      "type": "WEB",
      "url": "https://github.com/symbiote/silverstripe-multivaluefield/commit/f523dfcb13b2bd9eb110ffa0c83087a49322ad3b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symbiote/silverstripe-multivaluefield/SS-2018-017-1.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/symbiote/silverstripe-multivaluefield"
    },
    {
      "type": "WEB",
      "url": "https://www.silverstripe.org/download/security-releases/ss-2018-017"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "symbiote/silverstripe-multivaluefield Possible PHP Object Injection via Multi-Value Field Extension"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…