Lucene search
K

9 matches found

Ubuntu
Ubuntu
added 2023/03/13 10:55 a.m.430 views

USN-5947-1: Twig vulnerabilities

Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects automatically cast to strings by PHP. An attacker could possibly use this issue to expose sensitive information. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM...

9.8CVSS7AI score0.08209EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/03/13 12:0 a.m.128 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Twig vulnerabilities (USN-5947-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5947-1 advisory. Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects...

9.8CVSS7.1AI score0.08209EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/03/13 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-5947-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6AI score0.08209EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.27 views

Debian DSA-4419-1 : twig - security update

Fabien Potencier discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This could result in potential information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

4.3CVSS4.9AI score0.01405EPSS
Exploits0References4
Debian
Debian
added 2019/03/29 3:50 p.m.22 views

[SECURITY] [DSA 4419-1] twig security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4419-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 29, 2019 https://www.debian.org/security/faq -...

4.3CVSS0.2AI score0.01405EPSS
Exploits0
Debian
Debian
added 2019/03/29 3:50 p.m.144 views

[SECURITY] [DSA 4419-1] twig security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4419-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 29, 2019 https://www.debian.org/security/faq -...

4.3CVSS4.2AI score0.01405EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/03/28 12:0 a.m.19 views

Debian: Security Advisory (DSA-4419-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.5AI score0.01405EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/03/23 2:31 p.m.28 views

CVE-2019-9942

A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the toString method on an object even if not allowed by the security policy in place...

4.1AI score0.01405EPSS
Exploits0References4
CVE
CVE
added 2019/03/23 2:31 p.m.92 views

CVE-2019-9942

CVE-2019-9942 affects the Twig PHP templating engine. The vulnerability arises from inadequate Sandbox policy enforcement, allowing a sandboxed object to be coerced to a string in some circumstances, leading to potential information disclosure. Affected versions are Twig before 1.38.0 and 2.x bef...

4.3CVSS4AI score0.01405EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder