10 matches found
EUVD-2023-1996
Malicious code in bioql PyPI...
CVE-2023-37473
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
CVE-2023-37473
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
Code injection
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
CVE-2023-37473 Limited code execution in zenstruck/collections
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
CVE-2023-37473 Limited code execution in zenstruck/collections
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
CVE-2023-37473
The CVE affects zenstruck/collections (PHP library). The vulnerability arises when user input is passed as a callable string (e.g., system) to EntityRepository::find() or query(), allowing arbitrary code execution. The issue has been fixed in commit f4b1c488206e1b1581b06fcd331686846f13f19c and re...
CVE-2023-37473 Limited code execution in zenstruck/collections
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing callable strings (i.e. system) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit...
PT-2023-25985 · Unknown · Zenstruck/Collections
Name of the Vulnerable Software and Affected Versions: zenstruck/collections versions prior to 0.2.1. Description: The issue arises from passing callable strings, such as system, which causes the function to be executed. This results in a limited subset of specific user input being executed as if ...
zenstruck collections injection vulnerability
zenstruck collections is a set of helpers for iterating/paging/filtering collections from the zenstruck project. An injection vulnerability exists in zenstruck collections that stems from passing callable strings (e.g., system), leading to function execution...