Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/squizlabs/php_codesniffer@1.5.6
purl pkg:composer/squizlabs/php_codesniffer@1.5.6
Next non-vulnerable version 2.8.1
Latest non-vulnerable version 3.0.1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-cjfu-e1rn-1qdx
Aliases:
GMS-2017-112
Arbitrary shell execution This release contains a fix for a security advisory related to the improper handling of shell commands. Uses of `shell_exec()` and `exec()` were not escaping filenames and configuration settings in most cases A properly crafted filename or configuration option would allow for arbitrary code execution when using some features. There are no reported fixed by versions.
VCID-f7xv-brzk-57hm
Aliases:
GHSA-mhfv-8rc9-w38c
GMS-2022-514
Arbitrary shell execution
2.8.1
Affected by 0 other vulnerabilities.
VCID-np7j-auay-17at
Aliases:
GMS-2017-344
Code Injection Arbitrary shell execution in php_codesniffer.
2.0.0
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-12T18:03:23.596319+00:00 GitLab Importer Affected by VCID-f7xv-brzk-57hm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/squizlabs/php_codesniffer/GMS-2022-514.yml 38.6.0
2026-06-12T16:52:29.087974+00:00 GitLab Importer Affected by VCID-cjfu-e1rn-1qdx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/squizlabs/php_codesniffer/GMS-2017-112.yml 38.6.0
2026-06-12T16:52:27.440755+00:00 GitLab Importer Affected by VCID-np7j-auay-17at https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/squizlabs/php_codesniffer/GMS-2017-344.yml 38.6.0