12 matches found
[SECURITY] [DLA 4186-1] php-twig security update
Debian LTS Advisory DLA-4186-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 28, 2025 https://wiki.debian.org/LTS Package : php-twig Version : 2.14.3-1+deb11u4 CVE ID : CVE-2024-51754 Twig is a template language for PHP. In a sandbox, an attacker can call...
Debian: Security Advisory (DLA-4186-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4186 : php-twig - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4186 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4186-1 [email protected] https://www.debian.org/lts/security/...
CVE-2024-51754
Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...
CVE-2024-51754
creationtimestamp| type| source ---|---|--- 2024-11-06 19:33:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113437679723817793 2024-11-06 21:41:22+00:00| seen| https://t.me/cvedetector/10040...
CVE-2024-51754 Unguarded calls to __toString() when nesting an object into an array in Twig
Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...
CVE-2024-51754 Unguarded calls to __toString() when nesting an object into an array in Twig
Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...
CVE-2024-51754
Twig (PHP template engine) is affected by a vulnerability where in a sandbox an attacker can call __toString() on an object when the object is part of an array or function argument, bypassing security policy. The issue has concrete fixes: Twig 3.11.2 and 3.14.1 include patches. Affected versions ...
CVE-2024-51754 Unguarded calls to __toString() when nesting an object into an array in Twig
Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...
CVE-2023-51754
creationtimestamp| type| source ---|---|--- 2024-02-14 18:27:24+00:00| seen| https://t.me/ctinow/184891...
CVE-2023-51754
Rejected reason: This is unused...
CVE-2023-51754
CVE-2023-51754 entry is rejected/not used and does not represent an active vulnerability entry.