33 matches found
CVE-2026-48806 Twig: Sandbox `__toString()` policy bypass via dynamic mapping keys
Twig is a template language for PHP. Prior to 3.27.0, ArrayExpression does not guard dynamic mapping keys that are coerced to strings, allowing PHP to invoke toString on a Stringable object used as a mapping key without calling SandboxExtension::ensureToStringAllowed. This issue is fixed in versi...
CVE-2026-48806
Twig’s vulnerability CVE-2026-48806 concerns dynamic mapping keys in ArrayExpression not being wrapped for string coercion, allowing PHP to call __toString() on a Stringable key without SandboxExtension::ensureToStringAllowed(). The issue affects Twig
GHSA-3WRR-7QPF-2PRH jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()
Impact Potential Denial-of-Service when attacker sends deeply nested JSON if and only if service: 1. Reads deeply nested 1000s of levels JSON as JsonNode ObjectMapper.readTree 2. Writes out same or modifided node using JsonNode.toString which can consume significant amount of resources with...
CVE-2026-55766 guzzlehttp/psr7: CRLF Injection in HTTP Start-Line Serialization
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request method, protocol version, and response reason phrase. If an application placed attacker-controlled dat...
OSV-2026-354 Use-of-uninitialized-value in pcpp::MplsLayer::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489360236 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...
EUVD-2021-2489
Malware in sbrugna...
EUVD-2022-5887
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the...
CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
Twig 安全漏洞
Twig is a PHP template engine open-sourced by Twig. Twig has a security vulnerability that stems from the fact that when an object is part of an array or parameter list in a sandbox, an attacker can call the toString method on the object even if the security policy does not allow it...
SUSE CVE-2005-0141
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab...
Unhandled crash in npm posix
This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...
CVE-2022-21211
This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...
Design/Logic Flaw
This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...
CVE-2022-21211 Denial of Service (DoS)
This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...
CVE-2022-21211
CVE-2022-21211 affects the npm package posix (all versions) and is caused by the toString method not being invokable, causing a crash (DoS) when the code falls back to a 0x0 value. The vulnerability has public discussion and proof-of-concept material (e.g., a Snyk overview with a PoC) and multipl...
GHSA-FX7F-RJQJ-52PJ Deserialization of Untrusted Data in Spring AMQP
In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100%...
CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
UBUNTU-CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...