Lucene search

Composer allows cache poisoning from other projects built on the same host

🗓️ 21 Sep 2023 06:25:30Reported by GoogleType

osv🔗 osv.dev👁 10 Views

Composer cache poisoning vulnerability pre-201

Reporter	Title	Published	Views	Family All 10
CVE	CVE-2015-8371	21 Sep 202306:15	–	cve
Friends Of PHP	Composer Cache Injection vulnerability	10 Feb 201614:51	–	friendsofphp
Friends Of PHP	Composer Cache Injection vulnerability	10 Feb 201614:51	–	friendsofphp
UbuntuCve	CVE-2015-8371	21 Sep 202300:00	–	ubuntucve
Cvelist	CVE-2015-8371	21 Sep 202300:00	–	cvelist
Vulnrichment	CVE-2015-8371	21 Sep 202300:00	–	vulnrichment
NVD	CVE-2015-8371	21 Sep 202306:15	–	nvd
Github Security Blog	Composer allows cache poisoning from other projects built on the same host	21 Sep 202306:30	–	github
Prion	Design/Logic Flaw	21 Sep 202306:15	–	prion
Debian CVE	CVE-2015-8371	21 Sep 202306:15	–	debiancve

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-8371
flyingmana	www.flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html
github	www.github.com/FriendsOfPHP/security-advisories/blob/e26be423c5bcfdb38478d2f92d1f928c15afb561/composer/composer/CVE-2015-8371.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/composer/composer/CVE-2015-8371.yaml
github	www.github.com/composer/composer
gitlab	www.gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/composer/composer/CVE-2015-8371.yml
flyingmana	www.flyingmana.de/blog_en/2016/02/14/composer_cache_injection_vulnerability_cve_2015_8371.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Sep 2023 06:30Current

6.9Medium risk

Vulners AI Score6.9

CVSS38.8

EPSS0.00156

SSVC