| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| symfony/http-foundation | composer | >= 2.0.0, < 2.0.19 | 2.0.19 |
| symfony/routing | composer | >= 2.0.0, < 2.0.19 | 2.0.19 |
| symfony/security | composer | >= 2.0.0, < 2.0.19 | 2.0.19 |
| symfony/symfony | composer | >= 2.0.0, < 2.0.19 | 2.0.19 |
The vulnerability stems from inconsistent path handling between components. The Routing component (UrlMatcher) decoded the path twice (once via Request::getPathInfo() and again via urldecode()), while the Security component (RequestMatcher) used the single-decoded path from getPathInfo(). This allowed attackers to craft double-encoded URLs that matched routing patterns after decoding but did not match security rules. The key vulnerable functions are UrlMatcher::match() (which double-decodes) and RequestMatcher::matches() (which does not account for that double-decoding). Commit diffs show both components were modified in the patch (changing urldecode() to rawurldecode() in Routing, and adding rawurldecode() to the Security check).
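The mismatch described above, as an added illustration (not Symfony's own code): simplified stand-in functions model the decoding each component applied before the fix and a consistent variant in which both compare the same decoded string; the sample path and regexes are constructed for the demonstration, and the patched stand-in shows the consistency principle rather than reproducing the exact 2.0.19 diff.

```php
<?php
// Stand-ins for the Symfony 2.0.x components (assumptions, not the real classes).

// Single decoding pass, standing in for Request::getPathInfo() as described above.
function pathInfo(string $rawRequestPath): string
{
    return rawurldecode($rawRequestPath);
}

// Vulnerable Routing behaviour: the already-decoded path is decoded a second time
// (UrlMatcher::match() applied urldecode() to the result of getPathInfo()).
function routeMatchesVulnerable(string $rawRequestPath, string $routeRegex): bool
{
    return (bool) preg_match($routeRegex, urldecode(pathInfo($rawRequestPath)));
}

// Vulnerable Security behaviour: RequestMatcher::matches() compared the
// single-decoded path only, so it never saw the second decoding the router did.
function firewallMatchesVulnerable(string $rawRequestPath, string $pathRegex): bool
{
    return (bool) preg_match($pathRegex, pathInfo($rawRequestPath));
}

// Consistent behaviour: both components compare exactly the same string, derived
// by one shared decoding step, so no encoding satisfies one matcher but not the other.
function comparisonPath(string $rawRequestPath): string
{
    return rawurldecode(pathInfo($rawRequestPath));
}
function routeMatchesPatched(string $rawRequestPath, string $routeRegex): bool
{
    return (bool) preg_match($routeRegex, comparisonPath($rawRequestPath));
}
function firewallMatchesPatched(string $rawRequestPath, string $pathRegex): bool
{
    return (bool) preg_match($pathRegex, comparisonPath($rawRequestPath));
}

// True when a request is routed to a handler that the firewall rule does not
// cover: the condition the advisory describes.
function routedButUnprotected(callable $route, callable $firewall, string $raw, string $routeRegex, string $pathRegex): bool
{
    return $route($raw, $routeRegex) && !$firewall($raw, $pathRegex);
}

// Constructed sample: "%2561" decodes once to "%61" and a second time to "a".
$doubleEncoded = '/%2561dmin/users';
$routeRegex    = '{^/admin/users$}';   // what the router dispatches on
$pathRegex     = '{^/admin}';          // what the firewall rule protects

var_dump(routedButUnprotected('routeMatchesVulnerable', 'firewallMatchesVulnerable', $doubleEncoded, $routeRegex, $pathRegex));
var_dump(routedButUnprotected('routeMatchesPatched', 'firewallMatchesPatched', $doubleEncoded, $routeRegex, $pathRegex));
```

The first call reports the gap (the vulnerable router reaches the admin handler while the firewall rule does not fire), the second shows it closed once both sides compare the same decoded path.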