5 matches found
Fedora 44 : composer (2026-9b34a78e81)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9b34a78e81 advisory. Version 2.10.1 - 2026-06-04 Security: Fixed shell escaping when opening an editor 12903 Security: Verify backup phar signature before restoring it when using...
Fedora 43 : pie (2026-b7427db462)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7427db462 advisory. Version 1.4.4 Dependencies - Update Composer to 2.9.8 ---- Version 1.4.3 - add output check for dnf permission denied thanks to @asgrim and @hackel - don't...
Insertion of Sensitive Information into Log File
Overview setup-php is a Setup PHP for use with GitHub Actions Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the process that configures GitHub tokens for Composer in workflows where an exact affected Composer version is pinned. An attacke...
CVE-2025-49424 WordPress Essential Doo Components for Visual Composer plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in diego.benna Essential Doo Components for Visual Composer allows DOM-Based XSS. This issue affects Essential Doo Components for Visual Composer: from n/a through 1.9...
October CMS Arbitrary File Read Vulnerability
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A security vulnerability exists in October CMS composer versions 1.0.319 and later fixed in version 1.0.466. An attacker could exploit the vulnerability to delete arbitrary local files...