Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: d4f16921 by Moritz Muehlenhoff at 2026-05-21T10:15:49+02:00 new php-twig issues - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== 
@@ -1,3 +1,47 @@ +CVE-2026-47732 + - php-twig <not-affected> (Introduced in 3.25) + NOTE: https://symfony.com/blog/cve-2026-47732-sandbox-multiple-tostring-policy-bypasses-via-unguarded-string-coercion-points +CVE-2026-46634 + - php-twig <unfixed> + [bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.9.0) + [bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.9.0) + NOTE: https://symfony.com/blog/cve-2026-46634-template-from-string-escapes-a-sourcepolicy-driven-sandbox-via-synthesized-template-name +CVE-2026-46627 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion +CVE-2026-46635 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46635-sandbox-property-allowlist-bypass-via-the-column-filter-array-column-on-objects +CVE-2026-46628 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46628-the-spaceless-filter-implicitly-marks-its-output-as-safe +CVE-2026-46629 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46629-unbounded-formatter-memoisation-in-twig-intl-extra-keyed-on-template-controlled-arguments +CVE-2026-46633 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46633-php-code-injection-via-use-template-name +CVE-2026-47730 + - php-twig <unfixed> + [bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.0.0) + NOTE: https://symfony.com/blog/cve-2026-47730-xss-in-profiler-htmldumper-via-unescaped-template-and-profile-names +CVE-2026-46637 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46637-html-output-filters-in-twig-extras-incorrectly-declared-is-safe-all +CVE-2026-46638 + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-46638-sandbox-include-skips-checksecurity-on-cached-templates-incomplete-fix-for-cve-2024-45411 +CVE-2026-46639 + - php-twig <unfixed> + [trixie] - php-twig <not-affected> (Vulnerable code not 
present, introduced in 3.24) + [bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.24) + [bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.24) + NOTE: https://symfony.com/blog/cve-2026-46639-sandbox-property-and-method-bypass-via-object-destructuring-assignment +CVE-2026-46640 + - php-twig <unfixed> + [bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.15) + [bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.15) + NOTE: https://symfony.com/blog/cve-2026-46640-arbitrary-php-code-execution-via-self-string-macro-reference-compilation CVE-2026-9152 (A missing authentication vulnerability exists in the Altium 365 Search ...) NOT-FOR-US: Altium CVE-2026-9150 (A flaw was found in libsolv. This stack-based buffer overflow vulnerab ...) @@ -346,7 +390,8 @@ CVE-2026-25602 (Insufficient Verification of Data Authenticity vulnerability in CVE-2026-24573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) NOT-FOR-US: WordPress plugin or theme CVE-2026-24425 (Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass ...) - TODO: check + - php-twig <unfixed> + NOTE: https://symfony.com/blog/cve-2026-24425-possible-sandbox-bypass-when-using-a-source-policy CVE-2026-22554 (MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vu ...) TODO: check CVE-2026-22315 (Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client L ...) ===================================== data/dsa-needed.txt ===================================== 
@@ -87,6 +87,8 @@ pdfminer (carnil) -- php-laravel-framework/oldstable -- +php-twig +-- python-aiohttp/oldstable -- rtpengine View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f16921b3673ea964a3adc01a13db029b08ab27 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f16921b3673ea964a3adc01a13db029b08ab27 You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
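Review bot: in the first data/CVE/list hunk, the <not-affected> annotation for CVE-2026-47732 reads only "(Introduced in 3.25)", while every other not-affected line in the same hunk uses the fuller "(Vulnerable code not present, introduced in X)" wording; aligning it makes the reason explicit for whoever triages the entry later. The NOTE URL added for CVE-2026-46638 describes it as an incomplete fix for CVE-2024-45411, so a second NOTE line pointing at that earlier tracker entry would make the lineage visible without a web lookup.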
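Review bot: in the second data/CVE/list hunk, CVE-2026-24425 is resolved from "TODO: check" to a bare "- php-twig <unfixed>" with no release annotations, although its description states an explicit affected range (2.16.x and 3.9.0 through 3.25.x) and the same 3.9.0 lower bound produced <not-affected> lines for bookworm and bullseye under CVE-2026-46634 in the previous hunk. Because the range here also covers 2.16.x, confirm which branch the bookworm and bullseye packages carry before either copying those annotations or leaving both releases marked as affected.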
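Review bot: in the data/dsa-needed.txt hunk, the new "php-twig" entry carries no assignee and no comment under its "--" separator, unlike "pdfminer (carnil)" a few lines above; that is the file's convention for unclaimed work, but a short note listing the CVE ids from this commit would save the next person a cross-reference. Several of the newly added CVEs (for example CVE-2026-46627, CVE-2026-46633 and CVE-2026-46637) have no bookworm annotation, so oldstable appears affected as well; since the neighbouring "php-laravel-framework/oldstable" and "python-aiohttp/oldstable" entries use a release suffix, consider whether a separate php-twig/oldstable line is also needed.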
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
