10 matches found
CVE-2026-48808
Twig’s CVE-2026-48808 describes a sandbox bypass when sandboxing is enabled via SourcePolicyInterface and the CoreExtension::column() filter is used. The issue arises because the column filter passes the active sandbox state as a boolean but does not forward the current Source to SandboxExtension...
GHSA-H8VQ-8GPG-MHCG Twig: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`
Description This is a residual bypass of CVE-2026-46635 / GHSA-vcc8-phrv-43wj that only affects sandboxing enabled through SourcePolicyInterface and not the regular global sandbox mode. CoreExtension::column receives the active sandbox state via the needsissandboxed channel as a boolean...
Incorrect Authorization
Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via the CoreExtension::column filter when sandboxing is enabled through SourcePolicyInterface. An attacker can bypass the sandbox property...
Linux Distros Unpatched Vulnerability : CVE-2026-24425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template...
CVE-2026-24425
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...
CVE-2026-24425
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...
CVE-2026-24425 Twig 2.16.x & 3.9.0-3.25.x Sandbox Bypass via SourcePolicyInterface
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...
CVE-2026-24425
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that...
CVE-2026-24425
Twig 2.16.x and 3.9.0–3.25.x contain a sandbox bypass via SourcePolicyInterface, allowing runtime bypass of sandbox checks when using a source policy to execute arbitrary code. The underlying issue is a runtime check that fails to use the current template source, enabling code execution if sandbo...
PT-2026-42168
Name of the Vulnerable Software and Affected Versions Twig versions 2.16.x Twig versions 3.9.0 through 3.25.x Description A sandbox bypass exists when using a SourcePolicyInterface. This occurs because a runtime check fails to use the current template source, allowing attackers with template...