Composer vulnerability in 2.x branch prior to versions 2.2.24 and 2.7.7 enabling command injection via malicious git branch name
Reporter | Title | Published | Views | Family All 39 |
---|---|---|---|---|
CVE | CVE-2024-35241 | 10 Jun 202422:15 | – | cve |
OSV | CGA-g75w-3gxm-gj8g | 12 Jun 202408:05 | – | osv |
OSV | BIT-composer-2024-35241 | 12 Jun 202407:16 | – | osv |
OSV | Composer has a command injection via malicious git branch name | 10 Jun 202421:36 | – | osv |
OSV | CVE-2024-35241 | 10 Jun 202422:15 | – | osv |
OSV | composer - security update | 18 Jun 202400:00 | – | osv |
OSV | composer - security update | 19 Jun 202400:00 | – | osv |
OSV | php-composer2-2.7.7-1.1 on GA media | 15 Jun 202400:00 | – | osv |
OSV | Security update for php-composer2 | 20 Jun 202415:33 | – | osv |
OSV | Security update for php-composer2 | 20 Jun 202414:19 | – | osv |
[
{
"vendor": "composer",
"product": "composer",
"versions": [
{
"version": ">= 2.0, < 2.2.24",
"status": "affected"
},
{
"version": ">= 2.3, < 2.7.7",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo