Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS13OXBoLXE0aDktcndxNs4AAYu2
CodeIgniter and Kohana vulnerable to PHP Object Injection
CodeIgniter before 3.0, and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2, validate the hash on a session cookie with a standard string comparison operator, whose running time depends on how many leading bytes match. A remote attacker can exploit this timing side channel to spoof a session cookie and, because the cookie payload is passed to unserialize(), conduct a PHP object injection attack.
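The flaw class, illustrated with an added example that is not code from CodeIgniter, Kohana or the advisory: a cookie-backed session store that serializes its data, appends a keyed hash, and checks that hash with `!==` before calling `unserialize()`, beside a hardened version that uses `hash_equals()` and a JSON payload. The class, function and key names are assumptions made for the example.

```php
<?php
// Added example, not framework code. The vulnerable store mirrors the pattern the
// advisory describes (serialize + key-dependent hash + ordinary comparison);
// the hardened store shows the two fixes a practitioner would apply.

const SECRET_KEY = 'constructed-example-key-not-a-real-secret';

// Sample gadget class (constructed): any class with a magic method that is
// reachable once unserialize() runs on attacker-controlled input.
class AuditLogger
{
    public string $logFile = '/tmp/audit.log';
    public string $entry = '';

    public function __destruct()
    {
        // With $logFile and $entry under attacker control this becomes an
        // arbitrary file write when the injected object is destroyed.
        file_put_contents($this->logFile, $this->entry, FILE_APPEND);
    }
}

// --- Vulnerable pattern ----------------------------------------------------

function vulnerableEncode(array $data): string
{
    $payload = serialize($data);
    return $payload . md5($payload . SECRET_KEY);
}

function vulnerableDecode(string $cookie): ?array
{
    if (strlen($cookie) <= 32) {
        return null;
    }
    $hash    = substr($cookie, -32);
    $payload = substr($cookie, 0, -32);

    // !== stops at the first differing byte, so response time reveals how
    // many leading bytes of a guessed hash are right; over the network the
    // MAC can be recovered incrementally without knowing SECRET_KEY.
    if ($hash !== md5($payload . SECRET_KEY)) {
        return null;
    }
    // Once the hash is spoofed, unserialize() instantiates whatever classes
    // the attacker named in the payload: PHP object injection.
    $data = unserialize($payload);
    return is_array($data) ? $data : null;
}

// --- Hardened pattern ------------------------------------------------------

function safeEncode(array $data): string
{
    $payload = json_encode($data, JSON_THROW_ON_ERROR);
    $mac     = hash_hmac('sha256', $payload, SECRET_KEY);
    return $mac . '.' . $payload;
}

function safeDecode(string $cookie): ?array
{
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$mac, $payload] = $parts;
    $expected = hash_hmac('sha256', $payload, SECRET_KEY);

    // hash_equals() takes the same time regardless of where the strings differ.
    if (!hash_equals($expected, $mac)) {
        return null;
    }
    // JSON decodes to arrays and scalars only, so no class is instantiated
    // from cookie contents even if the MAC were somehow forged.
    $data = json_decode($payload, true, 512, JSON_THROW_ON_ERROR);
    return is_array($data) ? $data : null;
}

// Demonstration with constructed input.
$cookie = vulnerableEncode(['user_id' => 42]);
var_dump(vulnerableDecode($cookie));

// What an attacker submits after recovering the hash: a serialized gadget.
$gadget          = new AuditLogger();
$gadget->logFile = '/tmp/injected-by-example.txt';
$gadget->entry   = "written from __destruct()\n";
$forged  = serialize(['u' => $gadget]);
$forged .= md5($forged . SECRET_KEY);   // the step the timing attack stands in for
$result  = vulnerableDecode($forged);
var_dump($result['u'] instanceof AuditLogger);

// The hardened store accepts its own cookies and rejects the forged one.
var_dump(safeDecode(safeEncode(['user_id' => 42])));
var_dump(safeDecode($forged));
```

Run with `php example.php` (PHP 7.4 or later for typed properties). The forged cookie is built in-process with the key only to show what a successful attack delivers; over the network the attacker instead recovers the 32-byte hash one byte at a time from the comparison's timing. The two fixes are independent and both worth applying: constant-time comparison removes the side channel, and a data-only format such as JSON removes the `unserialize()` sink that turns a forged cookie into code execution.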
Permalink: https://github.com/advisories/GHSA-w9ph-q4h9-rwq6
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS13OXBoLXE0aDktcndxNs4AAYu2
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 2 years ago
Updated: over 1 year ago
CVSS Score: 9.8
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Percentage: 0.00247
EPSS Percentile: 0.64993
Identifiers: GHSA-w9ph-q4h9-rwq6, CVE-2014-8684
References:
- https://nvd.nist.gov/vuln/detail/CVE-2014-8684
- https://github.com/kohana/core/pull/492
- http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html
- http://seclists.org/fulldisclosure/2014/May/54
- https://github.com/kohana/core/commit/66b409a6da2960130888989534ff1799532b8f32
- https://github.com/bcit-ci/CodeIgniter/blob/2.2.6/system/libraries/Session.php#L159
- https://web.archive.org/web/20140802041151/https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection
- https://github.com/advisories/GHSA-w9ph-q4h9-rwq6
Blast Radius: 26.9
Affected Packages
packagist:kohana/core
Dependent packages: 83
Dependent repositories: 553
Downloads: 507,509 total
Affected Version Ranges: < 3.3.3
Fixed in: 3.3.3
All affected versions: 3.2.3, 3.3.1, 3.3.2
All unaffected versions: 3.3.3, 3.3.4, 3.3.5, 3.3.6
packagist:codeigniter/framework
Dependent packages: 69
Dependent repositories: 509
Downloads: 1,844,784 total
Affected Version Ranges: < 3.0.0
Fixed in: 3.0.0
All affected versions:
All unaffected versions: 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.1.13