Lucene search
K

16 matches found

Github Security Blog
Github Security Blog
added 2026/05/21 9:23 p.m.16 views

twig/intl-extra: Unbounded formatter memoisation in keyed on template-controlled arguments

Description IntlExtension memoises every \IntlDateFormatter and \NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the formatdatetime / formatdate / formattime / formatnumber /...

5.8AI score0.00056EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42588

Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the format datetime / format date / format time / format number / format...

6.9CVSS5.8AI score0.00056EPSS
Exploits0References5
Fedora
Fedora
added 2025/10/23 11:59 p.m.7 views

[SECURITY] Fedora 43 Update: php-php81_bc-strftime-0.7.6-1.fc43

The strftime function has been marked as deprecated in PHP 8.1. This package provides a locale-formatted strftime implementation using IntlDateFormatter, for projects seeking an easy, backwards-compatible solution...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-53508

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/08 4:33 a.m.5 views

CVE-2024-57063

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

7.5CVSS6.7AI score0.00453EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/02/05 10:41 p.m.12 views

org.webjars.bowergithub.xdan:datetimepicker (=2.5.20) potentially affected by CVE-2024-57063 via org.webjars.bowergithub.kartik-v:php-date-formatter (=1.3.6)

org.webjars.bowergithub.kartik-v:php-date-formatter MAVEN version =1.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bowergithub.kartik-v:php-date-formatter and may be impacted: - org.webjars.bowergithub.xdan:datetimepicker =2.5.20 Sour...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
Snyk
Snyk
added 2025/02/05 10:41 p.m.2 views

Prototype Pollution

Overview org.webjars.bowergithub.kartik-v:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerabilit...

7.5CVSS8AI score0.00453EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/05 10:41 p.m.4 views

Prototype Pollution

Overview org.webjars.npm:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerability affecting...

7.5CVSS8AI score0.00453EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/02/05 10:41 p.m.8 views

org.webjars.npm:github-com-xdan-datetimepicker (=2.5.20), org.webjars.npm:jquery-datetimepicker (>=2.5.4 <=2.5.21) potentially affected by CVE-2024-57063 via org.webjars.npm:php-date-formatter (=1.3.6)

org.webjars.npm:php-date-formatter MAVEN version =1.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:php-date-formatter and may be impacted: - org.webjars.npm:github-com-xdan-datetimepicker =2.5.20 -...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
Snyk
Snyk
added 2025/02/05 10:41 p.m.3 views

Prototype Pollution

Overview org.webjars.bower:php-date-formatter is an A Javascript datetime formatting and manipulation library using PHP date-time formats. Affected versions of this package are vulnerable to Prototype Pollution in php-date-formatter.js. Details Prototype Pollution is a vulnerability affecting...

7.5CVSS8AI score0.00453EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/02/05 10:41 p.m.7 views

org.webjars.bower:datetimepicker (>=2.4.7 <=2.5.20), org.webjars.bower:github-com-xdan-datetimepicker (=2.5.4) potentially affected by CVE-2024-57063 via org.webjars.bower:php-date-formatter (=1.3.5)

org.webjars.bower:php-date-formatter MAVEN version =1.3.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bower:php-date-formatter and may be impacted: - org.webjars.bower:datetimepicker =2.4.7, =2.5.20 -...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
NVD
NVD
added 2025/02/05 10:15 p.m.10 views

CVE-2024-57063

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

7.5CVSS0.00453EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/05 12:0 a.m.3 views

php-date-formatter 安全漏洞

php-date-formatter is a date format library in PHP open source. A security vulnerability exists in php-date-formatter v1.3.6, which stems from the lib function containing a prototype contamination vulnerability...

7.5CVSS6.7AI score0.00453EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 12:0 a.m.11 views

CVE-2024-57063

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

0.00453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 12:0 a.m.5 views

CVE-2024-57063

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

6.7AI score0.00453EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 12:0 a.m.55 views

CVE-2024-57063

CVE-2024-57063 pertains to a prototype pollution vulnerability in the PHP package php-date-formatter (v1.3.6) where the lib function can be polluted via a crafted payload, causing a Denial of Service. The issue is documented across multiple sources (NVD/NVD-derived entries, Red Hat, CVE listings)...

7.5CVSS6.4AI score0.00453EPSS
Exploits0References1
Rows per page
Query Builder