Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.33 views

openSUSE 15 Security Update : php-composer (openSUSE-SU-2021:1289-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1289-1 advisory. - Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not...

8.8CVSS8.6AI score0.04849EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2021/09/21 12:0 a.m.64 views

Security update for php-composer (important)

openSUSE Security Update: Security update for php-composer Announcement ID: openSUSE-SU-2021:1289-1 Rating: important References: 1185376 1187416 Cross-References: CVE-2021-29472 CVSS scores: CVE-2021-29472 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15...

8.8CVSS9AI score0.04849EPSS
Exploits1References2
Debian
Debian
added 2021/05/11 8:50 p.m.69 views

[SECURITY] [DLA 2654-1] composer security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2654-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta May 12, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

8.8CVSS8.8AI score0.04849EPSS
Exploits1
Circl
Circl
added 2021/05/03 4:6 p.m.8 views

CVE-2021-29472

creationtimestamp| type| source ---|---|--- 2021-05-03 16:06:16+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3253 2022-10-05 17:40:03+00:00| seen| https://t.me/truesecator/3519 2023-10-25 13:07:52+00:00| seen| https://t.me/thehackernews/1182...

8.8CVSS8.4AI score0.04849EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/05/03 12:0 a.m.35 views

Debian DSA-4907-1 : composer - security update

It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

8.8CVSS8.4AI score0.04849EPSS
Exploits1References4
Debian
Debian
added 2021/04/29 4:50 p.m.54 views

[SECURITY] [DSA 4907-1] composer security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4907-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 29, 2021 https://www.debian.org/security/faq -...

8.8CVSS8.8AI score0.04849EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/04/29 3:15 p.m.80 views

A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks

The maintainers of Composer, a package manager for PHP, have shipped an update to address a critical vulnerability that could have allowed an attacker to execute arbitrary commands and "backdoor every PHP package," resulting in a supply-chain attack. Tracked as CVE-2021-29472, the security issue...

8.8CVSS0.9AI score0.04849EPSS
Exploits1
CVE
CVE
added 2021/04/27 8:30 p.m.299 views

CVE-2021-29472

Composer suffers from a vulnerability where Mercurial URLs in root composer.json and package source URLs are not sanitized, allowing remote code execution via HgDriver if hg/Mercurial is installed. The impact is described as higher for services passing user input (e.g., Packagist.org, Private Pac...

8.8CVSS9AI score0.04849EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2021/04/27 8:30 p.m.33 views

CVE-2021-29472 Missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial in composer

Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. The impact to...

8.8CVSS9.1AI score0.04849EPSS
Exploits1References7
Rows per page
Query Builder