UBUNTU-CVE-2023-28115

Source
https://ubuntu.com/security/CVE-2023-28115
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-28115.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-28115
Related
Published
2023-03-17T22:15:00Z
Modified
2024-10-15T14:11:25Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists() function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution especially when snappy is used with frameworks with documented POP chains like Laravel/Symfony vulnerable developer code. If a user can control the output file from the generateFromHtml() function, it will invoke deserialization. This vulnerability is capable of remote code execution if Snappy is used with frameworks or developer code with vulnerable POP chains. It has been fixed in version 1.4.2.

References

Affected packages

Ubuntu:Pro:16.04:LTS / civicrm

Package

Name
civicrm
Purl
pkg:deb/ubuntu/civicrm?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.7.1+dfsg-1
4.7.1+dfsg-2
4.7.1+dfsg-2ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / civicrm

Package

Name
civicrm
Purl
pkg:deb/ubuntu/civicrm?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.7.23+dfsg-1ubuntu1
4.7.24+dfsg-1ubuntu1
4.7.30+dfsg-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / civicrm

Package

Name
civicrm
Purl
pkg:deb/ubuntu/civicrm?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.11.0+dfsg-1
5.18.1+dfsg-1
5.20.3+dfsg-1
5.21.0+dfsg-1
5.21.1+dfsg-1
5.21.2+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / civicrm

Package

Name
civicrm
Purl
pkg:deb/ubuntu/civicrm?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.33.2+dfsg1-1
5.33.2+dfsg1-1build1
5.33.2+dfsg1-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}