Composer 2.x prior to 2.2.24 and 2.7.7 allows command injection via specially crafted branch names
Reporter | Title | Published | Views | Family All 41 |
---|---|---|---|---|
![]() | CVE-2024-35242 Composer vulnerable to command injection via malicious git/hg branch names | 10 Jun 202421:23 | – | vulnrichment |
![]() | Amazon Linux 2023 : composer (ALAS2023-2024-659) | 22 Jul 202400:00 | – | nessus |
![]() | FreeBSD : Composer -- Multiple command injections via malicious git/hg branch names (5f608c68-276c-11ef-8caa-0897988a1c07) | 11 Jun 202400:00 | – | nessus |
![]() | Debian dsa-5715 : composer - security update | 18 Jun 202400:00 | – | nessus |
![]() | SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2107-1) | 21 Jun 202400:00 | – | nessus |
![]() | Fedora 40 : composer (2024-9ed24c98cd) | 19 Jun 202400:00 | – | nessus |
![]() | Debian dla-3838 : composer - security update | 20 Jun 202400:00 | – | nessus |
![]() | Fedora 39 : composer (2024-bb55f8476a) | 20 Jun 202400:00 | – | nessus |
![]() | SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2106-1) | 21 Jun 202400:00 | – | nessus |
![]() | CVE-2024-35242 | 10 Jun 202422:15 | – | osv |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | composer | 2.5.5-1+deb12u2 | composer_2.5.5-1+deb12u2_all.deb |
Debian | 11 | all | composer | 2.0.9-2+deb11u3 | composer_2.0.9-2+deb11u3_all.deb |
Debian | 999 | all | composer | 2.7.7-1 | composer_2.7.7-1_all.deb |
Debian | 13 | all | composer | 2.7.7-1 | composer_2.7.7-1_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo