CVE-2020-15094

Name of the Vulnerable Software and Affected Versions Symfony versions prior to 4.4.13 Symfony versions prior to 5.1.5

Description The CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially written with surrogate caching and ESI support in mind, where all HTTP calls come from a trusted backend. However, when used by CachingHttpClient and if an attacker can control the response for a request being made by the CachingHttpClient, remote code execution is possible.

Recommendations For Symfony versions prior to 4.4.13, update to version 4.4.13 or later. For Symfony versions prior to 5.1.5, update to version 5.1.5 or later. As a temporary workaround, consider stripping HTTP headers designed for internal use in HttpCache from remote responses before being passed to HttpCache.