Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/21 9:23 p.m.16 views

twig/intl-extra: Unbounded formatter memoisation in keyed on template-controlled arguments

Description IntlExtension memoises every \IntlDateFormatter and \NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the formatdatetime / formatdate / formattime / formatnumber /...

5.8AI score0.00056EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42588

Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the format datetime / format date / format time / format number / format...

6.9CVSS5.8AI score0.00056EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.5 views

The vulnerability of the NumberFormatter::setSymbol function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the NumberFormatter::setSymbol function in the PHP programming language exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

5.3CVSS5.4AI score0.12718EPSS
Exploits1References9Affected Software4
OSV
OSV
added 2019/07/01 2:15 a.m.2 views

UBUNTU-CVE-2019-13117

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

7.5CVSS6.8AI score0.06457EPSS
Exploits0References4
Rows per page
Query Builder