16 matches found
twig/intl-extra: Unbounded formatter memoisation in keyed on template-controlled arguments
Description IntlExtension memoises every \IntlDateFormatter and \NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the formatdatetime / formatdate / formattime / formatnumber /...
PT-2026-42588
Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the format datetime / format date / format time / format number / format...
[SECURITY] Fedora 43 Update: php-php81_bc-strftime-0.7.6-1.fc43
The strftime function has been marked as deprecated in PHP 8.1. This package provides a locale-formatted strftime implementation using IntlDateFormatter, for projects seeking an easy, backwards-compatible solution...
EUVD-2024-53508
Malicious code in bioql PyPI...
CVE-2024-57063
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
org.webjars.bowergithub.xdan:datetimepicker (=2.5.20) potentially affected by CVE-2024-57063 via org.webjars.bowergithub.kartik-v:php-date-formatter (=1.3.6)
org.webjars.bowergithub.kartik-v:php-date-formatter MAVEN version =1.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bowergithub.kartik-v:php-date-formatter and may be impacted: - org.webjars.bowergithub.xdan:datetimepicker =2.5.20 Sour...
Prototype Pollution
Overview org.webjars.bowergithub.kartik-v:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerabilit...
Prototype Pollution
Overview org.webjars.npm:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerability affecting...
org.webjars.npm:github-com-xdan-datetimepicker (=2.5.20), org.webjars.npm:jquery-datetimepicker (>=2.5.4 <=2.5.21) potentially affected by CVE-2024-57063 via org.webjars.npm:php-date-formatter (=1.3.6)
org.webjars.npm:php-date-formatter MAVEN version =1.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:php-date-formatter and may be impacted: - org.webjars.npm:github-com-xdan-datetimepicker =2.5.20 -...
Prototype Pollution
Overview org.webjars.bower:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerability affecting...
org.webjars.bower:datetimepicker (>=2.4.7 <=2.5.20), org.webjars.bower:github-com-xdan-datetimepicker (=2.5.4) potentially affected by CVE-2024-57063 via org.webjars.bower:php-date-formatter (=1.3.5)
org.webjars.bower:php-date-formatter MAVEN version =1.3.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bower:php-date-formatter and may be impacted: - org.webjars.bower:datetimepicker =2.4.7, =2.5.20 -...
CVE-2024-57063
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
php-date-formatter 安全漏洞
php-date-formatter is a date format library in PHP open source. A security vulnerability exists in php-date-formatter v1.3.6, which stems from the lib function containing a prototype contamination vulnerability...
CVE-2024-57063
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57063
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57063
CVE-2024-57063 pertains to a prototype pollution vulnerability in the PHP package php-date-formatter (v1.3.6) where the lib function can be polluted via a crafted payload, causing a Denial of Service. The issue is documented across multiple sources (NVD/NVD-derived entries, Red Hat, CVE listings)...