27 matches found
GHSA-R39X-JCWW-82V6 Symfony's incorrect argument escaping under MSYS2/Git Bash can lead to destructive file operations on Windows
Summary The Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP is executed from an MSYS2-based environment e.g. Git Bash and Symfony Process spawns native Windows executables, MSYS2’s argument/path conversion can...
Symfony's incorrect argument escaping under MSYS2/Git Bash can lead to destructive file operations on Windows
Summary The Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP is executed from an MSYS2-based environment e.g. Git Bash and Symfony Process spawns native Windows executables, MSYS2’s argument/path conversion can...
CVE-2026-24739
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
CVE-2026-24739 Symfony has incorrect argument escaping under MSYS2/Git Bash on Windows that can lead to destructive file operations
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
CVE-2026-24739
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
CVE-2026-24739 Symfony has incorrect argument escaping under MSYS2/Git Bash on Windows that can lead to destructive file operations
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
CVE-2026-24739 Symfony has incorrect argument escaping under MSYS2/Git Bash on Windows that can lead to destructive file operations
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...
CVE-2026-24739
Summary: CVE-2026-24739 affects the Symfony Process component in Symfony PHP framework. Prior to fixes, unquoted arguments containing characters like “=” could be mis-handled when PHP runs under MSYS2-based environments (e.g., Git Bash) and Symfony spawns native Windows executables. This could co...
PT-2026-5124
Name of the Vulnerable Software and Affected Versions Symfony versions prior to 5.4.51 Symfony versions prior to 6.4.33 Symfony versions prior to 7.3.11 Symfony versions prior to 7.4.5 Symfony versions prior to 8.0.5 Description The Symfony Process component did not properly handle certain...
Amazon Linux 2022 : git (ALAS2022-2022-236)
The version of git installed on the remote host is prior to 2.37.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-236 advisory. - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on...
EulerOS Virtualization 3.0.6.0 : git (EulerOS-SA-2022-2559)
According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machine...
EulerOS Virtualization 3.0.6.6 : git (EulerOS-SA-2022-2500)
According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machine...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2022-2131)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2022-2156)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : git (EulerOS-SA-2022-2156)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
Amazon Linux 2 : git (ALAS-2022-1810)
The version of git installed on the remote host is prior to 2.34.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1810 advisory. A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system...
EulerOS 2.0 SP9 : git (EulerOS-SA-2022-1965)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
EulerOS 2.0 SP8 : git (EulerOS-SA-2022-1929)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
EulerOS 2.0 SP5 : git (EulerOS-SA-2022-1888)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
Amazon Linux AMI : git (ALAS-2022-1589)
The version of git installed on the remote host is prior to 2.36.1-1.75. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1589 advisory. A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system...