Lucene search
+L

4 matches found

OSV
OSV
added 3 days ago4 views

CVE-2026-46629 Twig: Unbounded formatter memoisation in twig/intl-extra keyed on template-controlled arguments

Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by template-controlled filter arguments such as locale, pattern, and attrs, allowing a template to allocate many ICU formatter objects that remain pinned...

5.3CVSS6.1AI score0.00302EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/21 9:23 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the IntlExtension process. An attacker can cause excessive memory consumption by supplying a large number of unique arguments to the formatdatetime, formatdate, formattime,...

6.9CVSS5.8AI score0.00302EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46629

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig is a template language for PHP. Prior to 3.26.0, twig/intl-extra memoises IntlDateFormatter and NumberFormatter instances in arrays keyed by...

6.5CVSS6.1AI score0.00302EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.15 views

PT-2026-42172

Name of the Vulnerable Software and Affected Versions twig/intl-extra affected versions not specified Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays. These arrays are keyed on a hash including locale, pattern, and attrs, which ar...

5.3CVSS5.8AI score0.00302EPSS
Exploits0References15
Rows per page
Query Builder