Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-24374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This...

4.3CVSS5.5AI score0.00282EPSS
Exploits0References3
NVD
NVD
added 2025/01/29 4:15 p.m.32 views

CVE-2025-24374

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0...

4.3CVSS0.00282EPSS
Exploits0References2
CVE
CVE
added 2025/01/29 3:22 p.m.227 views

CVE-2025-24374

Twig is a PHP template engine. The vulnerability CVE-2025-24374 concerns missing output escaping for the left side of the null coalescing operator (??). The issue is fixed in Twig 3.19.0. Severity in CVSSv3.1 is MEDIUM (4.3), but the document notes no exploitation details. Connected sources (NVD/...

4.3CVSS4.6AI score0.00282EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/29 3:22 p.m.48 views

CVE-2025-24374 Twig fixes a security issue where escaping was missing when using null coalesce operator (??)

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0...

4.3CVSS0.00282EPSS
Exploits0References2
OSV
OSV
added 2025/01/29 3:22 p.m.18 views

CVE-2025-24374 Twig fixes a security issue where escaping was missing when using null coalesce operator (??)

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0...

4.3CVSS6.5AI score0.00282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/29 3:22 p.m.11 views

CVE-2025-24374 Twig fixes a security issue where escaping was missing when using null coalesce operator (??)

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0...

4.3CVSS4.5AI score0.00282EPSS
Exploits0References2
Circl
Circl
added 2025/01/29 7:0 a.m.12 views

CVE-2025-24374

creationtimestamp| type| source ---|---|--- 2025-01-29 07:00:56+00:00| seen| https://bsky.app/profile/symfony.com/post/3lgufjj5oh52a 2025-01-29 08:19:01+00:00| seen| https://bsky.app/profile/druid.fi/post/3lgujv2zyt22r 2025-01-29 15:30:44+00:00| seen|...

4.3CVSS5.7AI score0.00282EPSS
Exploits0References7
Friends Of PHP
Friends Of PHP
added 2025/01/29 6:52 a.m.22 views

Missing output escaping for the null coalesce operator

More info at https://symfony.com/blog/twig-cve-2025-24374-missing-output-escaping-for-the-null-coalesce-operator...

4.3CVSS4.6AI score0.00282EPSS
Exploits0Affected Software1
Rows per page
Query Builder