Lucene search

K

CVE-2024-35241 Composer vulnerable to command injection via malicious git branch name

🗓️ 10 Jun 2024 21:47:19Reported by GitHub_MType 
cvelist
 cvelist
🔗 www.cve.org👁 31 Views

Composer vulnerability in 2.x branch prior to versions 2.2.24 and 2.7.7 enabling command injection via malicious git branch name

Show more
Related
Affected
Refs
ReporterTitlePublishedViews
Family
CVE
CVE-2024-35241
10 Jun 202422:15
cve
OSV
CGA-g75w-3gxm-gj8g
12 Jun 202408:05
osv
OSV
BIT-composer-2024-35241
12 Jun 202407:16
osv
OSV
Composer has a command injection via malicious git branch name
10 Jun 202421:36
osv
OSV
CVE-2024-35241
10 Jun 202422:15
osv
OSV
composer - security update
18 Jun 202400:00
osv
OSV
composer - security update
19 Jun 202400:00
osv
OSV
php-composer2-2.7.7-1.1 on GA media
15 Jun 202400:00
osv
OSV
Security update for php-composer2
20 Jun 202415:33
osv
OSV
Security update for php-composer2
20 Jun 202414:19
osv
Rows per page
[
  {
    "vendor": "composer",
    "product": "composer",
    "versions": [
      {
        "version": ">= 2.0, < 2.2.24",
        "status": "affected"
      },
      {
        "version": ">= 2.3, < 2.7.7",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
10 Jun 2024 21:19Current
CVSS38.8
EPSS0.0004
31
.json
Report