Headline
GHSA-mg7h-9qfx-4r83: ZendFramework Potential Proxy Injection Vulnerabilities
Zend\Session\Validator\RemoteAddr
and Zend\View\Helper\ServerUrl
were found to be improperly parsing HTTP headers for proxy information, which could potentially allow an attacker to spoof a proxied IP or host name.
In Zend\Session\Validator\RemoteAddr
, if the client is behind a proxy server, the detection of the proxy URL was incorrect, and could lead to invalid results on subsequent lookups.
In Zend\View\Helper\ServerUrl
, if the server lives behind a proxy, the helper would always generate a URL based on the proxy host, regardless of whether or not this was desired; additionally, it did not take into account the proxy port or protocol, if provided.
Package
composer zendframework/zendframework (Composer)
Affected versions
>= 2.0.0, < 2.0.5
Patched versions
2.0.5
Description
Zend\Session\Validator\RemoteAddr and Zend\View\Helper\ServerUrl were found to be improperly parsing HTTP headers for proxy information, which could potentially allow an attacker to spoof a proxied IP or host name.
In Zend\Session\Validator\RemoteAddr, if the client is behind a proxy server, the detection of the proxy URL was incorrect, and could lead to invalid results on subsequent lookups.
In Zend\View\Helper\ServerUrl, if the server lives behind a proxy, the helper would always generate a URL based on the proxy host, regardless of whether or not this was desired; additionally, it did not take into account the proxy port or protocol, if provided.
References
- zendframework/zendframework@1040aca
- zendframework/zendframework@ad8fdc3
- zendframework/zendframework@ada1fab
- zendframework/zendframework@b914ecd
- zendframework/zendframework@c3819ab
- zendframework/zendframework@cfaf5ea
- https://framework.zend.com/security/advisory/ZF2012-04
- https://github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework/ZF2012-04.yaml
Published to the GitHub Advisory Database
Jun 7, 2024
Reviewed
Jun 7, 2024
Last updated
Jun 7, 2024