Composer command injection via malicious branch name
Reporter | Title | Published | Views | Family All 41 |
---|---|---|---|---|
![]() | UBUNTU-CVE-2024-35242 | 10 Jun 202422:15 | – | osv |
![]() | BIT-composer-2024-35242 | 12 Jun 202407:16 | – | osv |
![]() | CGA-cf8c-xqvc-jhcx | 12 Jun 202408:05 | – | osv |
![]() | Composer has multiple command injections via malicious git/hg branch names | 10 Jun 202421:36 | – | osv |
![]() | CVE-2024-35242 | 10 Jun 202422:15 | – | osv |
![]() | composer - security update | 18 Jun 202400:00 | – | osv |
![]() | Security update for php-composer2 | 20 Jun 202414:19 | – | osv |
![]() | Security update for php-composer2 | 20 Jun 202415:33 | – | osv |
![]() | php-composer2-2.7.7-1.1 on GA media | 15 Jun 202400:00 | – | osv |
![]() | composer - security update | 19 Jun 202400:00 | – | osv |
[
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"
],
"vendor": "fedoraproject",
"product": "fedora",
"versions": [
{
"status": "affected",
"version": "39"
},
{
"status": "affected",
"version": "40"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:getcomposer:composer:2.0:*:*:*:*:*:*:*"
],
"vendor": "getcomposer",
"product": "composer",
"versions": [
{
"status": "affected",
"version": "2.0",
"lessThan": "2.2.24",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:getcomposer:composer:2.3:*:*:*:*:*:*:*"
],
"vendor": "getcomposer",
"product": "composer",
"versions": [
{
"status": "affected",
"version": "2.3",
"lessThan": "2.7.7",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo