PT-2023-25985 · Unknown · Zenstruck/Collections

Kbond · Published 2023-07-14 · Updated 2023-07-31 · CVE-2023-37473

CVSS v3.1: 8.5 (High)
Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: zenstruck/collections versions prior to 0.2.1
Description: The issue arises from passing callable strings, such as "system", which causes the named function to be executed. This results in a limited subset of specific user input being executed as if it were code. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
Technical details about exploitation include:
  • Vulnerable function names: EntityRepository::find() and query()
  • Vulnerable parameters or variables: user input passed to the aforementioned functions
Recommendations: For versions prior to 0.2.1, upgrade to release version 0.2.1 to resolve the issue. As a temporary workaround for users unable to upgrade, ensure that user input is not passed to either EntityRepository::find() or query().
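As an added illustration, not code from zenstruck/collections itself, the hypothetical repository classes below show the pattern behind this class of bug (a "find by specification" method that uses is_callable() to decide whether its argument is a callback, so a plain string naming a global function is dispatched as code) next to a hardened variant that only accepts a Closure. The class and method names are assumptions, and a harmless built-in function name stands in for the dangerous ones the advisory mentions.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for a repository "find by specification" method
// (not the library's own code). A specification may be an id, an array of
// criteria, or a callback that customises the query.
final class NaiveRepository
{
    /** @param mixed $spec */
    public function find($spec): string
    {
        // is_callable() is true for any string naming a defined global
        // function, so a string that came from user input is invoked here.
        if (\is_callable($spec)) {
            return (string) $spec('selected rows');
        }

        return 'lookup by id/criteria: ' . \json_encode($spec);
    }
}

// Hardened variant: only a Closure, i.e. something the calling code wrote,
// is treated as a callback; strings and arrays are always plain data.
final class StrictRepository
{
    /** @param mixed $spec */
    public function find($spec): string
    {
        if ($spec instanceof \Closure) {
            return (string) $spec('selected rows');
        }
        if (\is_string($spec) || \is_int($spec) || \is_array($spec)) {
            return 'lookup by id/criteria: ' . \json_encode($spec);
        }

        throw new \InvalidArgumentException(
            'Unsupported specification type: ' . \get_debug_type($spec)
        );
    }
}

// Constructed user input: a harmless function name shows that the string is
// executed as a callback by the naive version and treated as data by the
// strict one.
$userInput = 'strtoupper';

echo (new NaiveRepository())->find($userInput), PHP_EOL;
echo (new StrictRepository())->find($userInput), PHP_EOL;
echo (new StrictRepository())->find(fn (string $rows): string => "filtered $rows"), PHP_EOL;
```

The first line of output is the uppercased argument, proving the user-supplied string was invoked; the second shows the same input handled as an ordinary lookup key.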


Weakness Enumeration

Special Elements Injection

Related Identifiers

CVE-2023-37473
GHSA-7XR2-8FF7-6FJQ

Affected Products

Zenstruck/Collections