22 matches found
SUSE SLES15 Security Update : php-composer2 (SUSE-SU-2026:1970-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1970-1 advisory. This update for php-composer2 fixes the following issues - CVE-2026-40176: command injection via malicious Perforce repository...
openSUSE 16 Security Update : php-composer2 (openSUSE-SU-2026:20670-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20670-1 advisory. - CVE-2025-67746: ANSI control characters injection in terminal output of various Composer commands via attacker controlled remote sources...
SUSE-SU-2026:21542-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: - CVE-2025-67746: ANSI control characters injection in terminal output of various Composer commands via attacker controlled remote sources bsc1255768. - CVE-2026-40176: arbitrary command injection via malicious Perforce repository definiti...
SUSE-SU-2026:0935-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: CVE-2025-67746: Fixed ANSI control characters injection in the terminal output of various Composer commands via attacker controlled remote sources. bsc1255768...
openSUSE Security Advisory (SUSE-SU-2026:0825-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2107-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2107-1 advisory. - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names...
SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2106-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2106-1 advisory. - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names...
SUSE: Security Advisory (SUSE-SU-2024:2106-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2107-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names bsc1226181. - CVE-2024-35242: Fixed command injection via specially crafted branch names during repository cloning bsc1226182...
SUSE-SU-2024:2106-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names bsc1226181. - CVE-2024-35242: Fixed command injection via specially crafted branch names during repository cloning bsc1226182...
OPENSUSE-SU-2024:13290-1 php-composer2-2.6.4-1.1 on GA media
These are all security issues fixed in the php-composer2-2.6.4-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12048-1 php-composer2-2.3.5-1.1 on GA media
These are all security issues fixed in the php-composer2-2.3.5-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13681-1 php-composer2-2.7.1-1.1 on GA media
These are all security issues fixed in the php-composer2-2.7.1-1.1 package on the GA media of openSUSE Tumbleweed...
openSUSE: Security Advisory for php (SUSE-SU-2023:4041-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:0592-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:0592-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0592-1 advisory. - CVE-2024-24821: Fixed potential arbitrary code execution when Composer is invoked within a directory with tampered files...
SUSE: Security Advisory (SUSE-SU-2024:0592-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:4041-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: - CVE-2023-43655: Fixed a remote code execution issue that could be triggered if users published a web-accessible composer.phar file bsc1215859...
SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2022:3020-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3020-1 advisory. - CVE-2022-24828: Fixed a code injection issue that affected integrators using specific APIs to read untrusted input files...