{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7148?format=json","vulnerability_id":"VCID-tgj6-umnp-nug2","summary":"Remote Code Execution\nYour application is affected if you allow end users to submit Twig templates, even if you protected this template with Twig's sandbox mode. End users can craft valid Twig code that allows them to execute arbitrary code (RCEs) via the _self variable, which is always available, even in sandboxed templates.","aliases":[{"alias":"GMS-2015-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21186?format=json","purl":"pkg:composer/twig/twig@1.20.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.20.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/148509?format=json","purl":"pkg:composer/twig/twig@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148510?format=json","purl":"pkg:composer/twig/twig@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148511?format=json","purl":"pkg:composer/twig/twig@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148512?format=json","purl":"pkg:composer/twig/twig@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148513?format=json","purl":"pkg:composer/twig/twig@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148514?format=json","purl":"pkg:composer/twig/twig@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148515?format=json","purl":"pkg:composer/twig/twig@1.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148516?format=json","purl":"pkg:composer/twig/twig@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/148517?format=json","purl":"pkg:composer/twig/twig@1.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/148518?format=json","purl":"pkg:composer/twig/twig@1.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/148519?format=json","purl":"pkg:composer/twig/twig@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148520?format=json","purl":"pkg:composer/twig/twig@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148521?format=json","purl":"pkg:composer/twig/twig@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148522?format=json","purl":"pkg:composer/twig/twig@1.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148523?format=json","purl":"pkg:composer/twig/twig@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/148524?format=json","purl":"pkg:composer/twig/twig@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148525?format=json","purl":"pkg:composer/twig/twig@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148526?format=json","purl":"pkg:composer/twig/twig@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148527?format=json","purl":"pkg:composer/twig/twig@1.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148528?format=json","purl":"pkg:composer/twig/twig@1.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148529?format=json","purl":"pkg:composer/twig/twig@1.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/148530?format=json","purl":"pkg:composer/twig/twig@1.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/148531?format=json","purl":"pkg:composer/twig/twig@1.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148532?format=json","purl":"pkg:composer/twig/twig@1.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148533?format=json","purl":"pkg:composer/twig/twig@1.12.0-RC1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.12.0-RC1"},{"url":"http://public2.vulnerablecode.io/api/packages/148534?format=json","purl":"pkg:composer/twig/twig@1.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/148535?format=json","purl":"pkg:composer/twig/twig@1.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/148536?format=json","purl":"pkg:composer/twig/twig@1.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-c3tf-7b2z-3fhy"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"},{"vulnerability":"VCID-ywkt-zvb8-fybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20273?format=json","purl":"pkg:composer/twig/twig@1.12.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.12.3"},{"url":"http://public2.vulnerablecode.io/api/packages/152529?format=json","purl":"pkg:composer/twig/twig@1.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152530?format=json","purl":"pkg:composer/twig/twig@1.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/152531?format=json","purl":"pkg:composer/twig/twig@1.13.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.13.2"},{"url":"http://public2.vulnerablecode.io/api/packages/152532?format=json","purl":"pkg:composer/twig/twig@1.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152533?format=json","purl":"pkg:composer/twig/twig@1.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/152534?format=json","purl":"pkg:composer/twig/twig@1.14.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.14.2"},{"url":"http://public2.vulnerablecode.io/api/packages/152535?format=json","purl":"pkg:composer/twig/twig@1.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152536?format=json","purl":"pkg:composer/twig/twig@1.15.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.15.1"},{"url":"http://public2.vulnerablecode.io/api/packages/152537?format=json","purl":"pkg:composer/twig/twig@1.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152538?format=json","purl":"pkg:composer/twig/twig@1.16.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.16.1"},{"url":"http://public2.vulnerablecode.io/api/packages/152539?format=json","purl":"pkg:composer/twig/twig@1.16.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.16.2"},{"url":"http://public2.vulnerablecode.io/api/packages/152540?format=json","purl":"pkg:composer/twig/twig@1.16.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.16.3"},{"url":"http://public2.vulnerablecode.io/api/packages/152541?format=json","purl":"pkg:composer/twig/twig@1.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152542?format=json","purl":"pkg:composer/twig/twig@1.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.18.0"},{"url":"http://public2.vulnerablecode.io/api/packages/152543?format=json","purl":"pkg:composer/twig/twig@1.18.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.18.1"},{"url":"http://public2.vulnerablecode.io/api/packages/152544?format=json","purl":"pkg:composer/twig/twig@1.18.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.18.2"},{"url":"http://public2.vulnerablecode.io/api/packages/152545?format=json","purl":"pkg:composer/twig/twig@1.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1au7-86r7-8qdn"},{"vulnerability":"VCID-4jwc-v1ar-q7ek"},{"vulnerability":"VCID-cd24-q2ys-yfbe"},{"vulnerability":"VCID-etje-vrfw-nbh4"},{"vulnerability":"VCID-qm9h-wdun-xkgx"},{"vulnerability":"VCID-tgj6-umnp-nug2"},{"vulnerability":"VCID-ummk-h11z-bkaj"},{"vulnerability":"VCID-xe7j-b1cs-eqct"},{"vulnerability":"VCID-xscd-caaj-kqdk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/twig/twig@1.19.0"}],"references":[{"reference_url":"https://github.com/twigphp/Twig/commit/30be07759a3de2558da5224f127d052ecf492e8f","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/twigphp/Twig/commit/30be07759a3de2558da5224f127d052ecf492e8f"},{"reference_url":"https://github.com/twigphp/Twig/pull/1759","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/twigphp/Twig/pull/1759"},{"reference_url":"https://symfony.com/blog/security-release-twig-1-20-0","reference_id":"","reference_type":"","scores":[],"url":"https://symfony.com/blog/security-release-twig-1-20-0"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgj6-umnp-nug2"}