Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/illuminate/cookie@5.4.36
Typecomposer
Namespaceilluminate
Namecookie
Version5.4.36
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.18.31
Latest_non_vulnerable_version7.22.4
Affected_by_vulnerabilities
0
url VCID-9rpm-c9n3-77d3
vulnerability_id VCID-9rpm-c9n3-77d3
summary 
Laravel RCE vulnerability in "cookie" session driver
Application's using the "cookie" session driver were the primary applications affected by this vulnerability. Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the "cookie" session driver in their production deployments.

Regarding the vulnerability, applications using the "cookie" session driver that were also exposing an encryption oracle via their application were vulnerable to remote code execution. An encryption oracle is a mechanism where arbitrary user input is encrypted and the encrypted string is later displayed or exposed to the user. This combination of scenarios lets the user generate valid Laravel signed encryption strings for any plain-text string, thus allowing them to craft Laravel session payloads when an application is using the "cookie" driver.

This fix prefixes cookie values with an HMAC hash of the cookie's name before encryption and then verifies a matching hash on decryption, making it impossible to craft a valid cookie payload even if an encryption oracle is exposed via the application.
references
0
reference_url https://blog.laravel.com/laravel-cookie-security-releases
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://blog.laravel.com/laravel-cookie-security-releases
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/illuminate/cookie/2020-07-27-1.yaml
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/illuminate/cookie/2020-07-27-1.yaml
2
reference_url https://github.com/illuminate/cookie
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/illuminate/cookie
3
reference_url https://github.com/advisories/GHSA-2ffv-r4r9-r8xr
reference_id GHSA-2ffv-r4r9-r8xr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2ffv-r4r9-r8xr
fixed_packages
0
url pkg:composer/illuminate/cookie@6.18.31
purl pkg:composer/illuminate/cookie@6.18.31
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/illuminate/cookie@6.18.31
1
url pkg:composer/illuminate/cookie@7.22.4
purl pkg:composer/illuminate/cookie@7.22.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/illuminate/cookie@7.22.4
aliases GHSA-2ffv-r4r9-r8xr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9rpm-c9n3-77d3
1
url VCID-s2uq-yyre-ubh6
vulnerability_id VCID-s2uq-yyre-ubh6
summary 
Session Fixation
Cookie serialization vulnerability.
references
0
reference_url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
reference_id
reference_type
scores
url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
fixed_packages
0
url pkg:composer/illuminate/cookie@5.5.43
purl pkg:composer/illuminate/cookie@5.5.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29ev-vnzj-bfe5
1
vulnerability VCID-9rpm-c9n3-77d3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/illuminate/cookie@5.5.43
1
url pkg:composer/illuminate/cookie@5.6.30
purl pkg:composer/illuminate/cookie@5.6.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9rpm-c9n3-77d3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/illuminate/cookie@5.6.30
aliases GMS-2018-70
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2uq-yyre-ubh6
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/illuminate/cookie@5.4.36