VulnerableCode Package Details - pkg:deb/debian/php-twig@3.20.0-2

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1au7-86r7-8qdn	Twig has unguarded calls to `__toString()` when nesting an object into an array ### Description In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). ### Resolution The sandbox mode now checks the `__toString()` method call on all objects. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/cafc608ece310e62a35a76f17e25c04ab9ed05cc) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/d4a302681bca9f7c6ce2835470d53609cdf3e23e) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Fabien Potencier for providing the fix.	CVE-2024-51754 GHSA-6377-hfv9-hqf6
VCID-2mrj-u2wu-wkhv	Twig security issue where escaping was missing when using null coalesce operator When using the `??` operator, output escaping was missing for the expression on the left side of the operator.	CVE-2025-24374 GHSA-3xg3-cgvq-2xwr
VCID-cd24-q2ys-yfbe	Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled ### Description In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method is now called after the security check. This is a BC break. ### Resolution The sandbox mode now ensures access to array-like's properties is allowed. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/ec39a9dccc5fb4eaaba55e5d79a6f84a8dd8b69d) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/b957e5a44cc0075d04ccff52f8fa9d8e6db3e3a0) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Nicolas Grekas for providing the fix.	CVE-2024-51755 GHSA-jjxq-ff2g-95vh

Vulnerability

Summary

Aliases

VCID-1au7-86r7-8qdn

Twig has unguarded calls to `__toString()` when nesting an object into an array ### Description In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). ### Resolution The sandbox mode now checks the `__toString()` method call on all objects. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/cafc608ece310e62a35a76f17e25c04ab9ed05cc) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/d4a302681bca9f7c6ce2835470d53609cdf3e23e) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Fabien Potencier for providing the fix.

CVE-2024-51754
GHSA-6377-hfv9-hqf6

VCID-2mrj-u2wu-wkhv

Twig security issue where escaping was missing when using null coalesce operator When using the `??` operator, output escaping was missing for the expression on the left side of the operator.

CVE-2025-24374
GHSA-3xg3-cgvq-2xwr

VCID-cd24-q2ys-yfbe

Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled ### Description In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method is now called after the security check. **This is a BC break.** ### Resolution The sandbox mode now ensures access to array-like's properties is allowed. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/ec39a9dccc5fb4eaaba55e5d79a6f84a8dd8b69d) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/b957e5a44cc0075d04ccff52f8fa9d8e6db3e3a0) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Nicolas Grekas for providing the fix.

CVE-2024-51755
GHSA-jjxq-ff2g-95vh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:12:33.986950+00:00	Debian Importer	Fixing	VCID-cd24-q2ys-yfbe	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:43:36.230964+00:00	Debian Importer	Fixing	VCID-1au7-86r7-8qdn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:16:40.798609+00:00	Debian Importer	Fixing	VCID-2mrj-u2wu-wkhv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:21:06.173042+00:00	Debian Importer	Fixing	VCID-cd24-q2ys-yfbe	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:15:13.080210+00:00	Debian Importer	Fixing	VCID-1au7-86r7-8qdn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:12:02.450011+00:00	Debian Importer	Fixing	VCID-2mrj-u2wu-wkhv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T19:33:25.142737+00:00	Debian Importer	Fixing	VCID-cd24-q2ys-yfbe	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:49:20.328510+00:00	Debian Importer	Fixing	VCID-1au7-86r7-8qdn	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-04T18:00:19.738523+00:00	Debian Importer	Fixing	VCID-2mrj-u2wu-wkhv	https://security-tracker.debian.org/tracker/data/json	38.1.0