4 matches found
CVE-2026-46629 Twig: Unbounded formatter memoisation in twig/intl-extra keyed on template-controlled arguments
Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by template-controlled filter arguments such as locale, pattern, and attrs, allowing a template to allocate many ICU formatter objects that remain pinned...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the IntlExtension process. An attacker can cause excessive memory consumption by supplying a large number of unique arguments to the formatdatetime, formatdate, formattime,...
Linux Distros Unpatched Vulnerability : CVE-2026-46629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by...
PT-2026-42172
Name of the Vulnerable Software and Affected Versions twig/intl-extra affected versions not specified Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays. These arrays are keyed on a hash including locale, pattern, and attrs, which ar...