Search CVE reports
11 – 20 of 30717 results
Twig is a template language for PHP. From 3.15.0 until 3.26.0, _self.(<string>) and import-alias dynamic attribute syntax can concatenate an attacker-controlled string into a MacroReferenceExpression name without identifier...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. From 3.24.0 until 3.26.0, object-destructuring assignment compiles CoreExtension::getAttribute() with the sandbox argument hardcoded to false, disabling property and method policy checks and...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, {% sandbox %}{% include %} can include a template that was previously loaded outside the sandbox without re-invoking checkSecurity(), allowing the cached template to use tags,...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with is_safe => [all], causing Twig to treat plain text or HTML output as safe in...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, the column filter passes object arrays to PHP array_column(), which reads public and magic properties without reaching CoreExtension::getAttribute()...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. From 3.9.0 until 3.26.0, template_from_string() compiles an inner template under a synthesized __string_template__<hash> name that can fall outside a SourcePolicyInterface sandbox decision,...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, Compiler::string() does not escape single quotes when a template name from a {% use %} tag is placed inside a PHP single-quoted string literal, allowing a crafted template name...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by template-controlled filter arguments such as locale, pattern, and attrs, allowing a...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, the deprecated spaceless filter is registered as safe for HTML, causing Twig autoescaping to emit attacker-controlled markup unescaped when spaceless is applied to untrusted...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |
Twig is a template language for PHP. Prior to 3.26.0, the Twig sandbox does not prevent a template from consuming CPU, memory, or wall-clock time, even under the strictest allow-list, allowing untrusted templates to cause resource...
1 affected package
php-twig
| Package | 26.04 LTS |
|---|---|
| php-twig | Needs evaluation |