VulnerableCode Package Details - pkg:deb/debian/php-twig@3.5.1-1%2Bdeb12u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-272f-nexb-tqe8 Aliases: CVE-2025-24374 GHSA-3xg3-cgvq-2xwr	Twig security issue where escaping was missing when using null coalesce operator When using the `??` operator, output escaping was missing for the expression on the left side of the operator.	3.20.0-2 Affected by 0 other vulnerabilities.
VCID-8921-71jv-uubp Aliases: CVE-2024-51754 GHSA-6377-hfv9-hqf6	Twig has unguarded calls to `__toString()` when nesting an object into an array ### Description In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). ### Resolution The sandbox mode now checks the `__toString()` method call on all objects. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/cafc608ece310e62a35a76f17e25c04ab9ed05cc) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/d4a302681bca9f7c6ce2835470d53609cdf3e23e) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Fabien Potencier for providing the fix.	3.20.0-2 Affected by 0 other vulnerabilities.
VCID-zwzx-hces-hkfk Aliases: CVE-2024-51755 GHSA-jjxq-ff2g-95vh	Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled ### Description In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method is now called after the security check. This is a BC break. ### Resolution The sandbox mode now ensures access to array-like's properties is allowed. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/ec39a9dccc5fb4eaaba55e5d79a6f84a8dd8b69d) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/b957e5a44cc0075d04ccff52f8fa9d8e6db3e3a0) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Nicolas Grekas for providing the fix.	3.20.0-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-272f-nexb-tqe8
Aliases:
CVE-2025-24374
GHSA-3xg3-cgvq-2xwr

Twig security issue where escaping was missing when using null coalesce operator When using the `??` operator, output escaping was missing for the expression on the left side of the operator.

3.20.0-2
Affected by 0 other vulnerabilities.

VCID-8921-71jv-uubp
Aliases:
CVE-2024-51754
GHSA-6377-hfv9-hqf6

Twig has unguarded calls to `__toString()` when nesting an object into an array ### Description In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). ### Resolution The sandbox mode now checks the `__toString()` method call on all objects. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/cafc608ece310e62a35a76f17e25c04ab9ed05cc) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/d4a302681bca9f7c6ce2835470d53609cdf3e23e) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Fabien Potencier for providing the fix.

3.20.0-2
Affected by 0 other vulnerabilities.

VCID-zwzx-hces-hkfk
Aliases:
CVE-2024-51755
GHSA-jjxq-ff2g-95vh

Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled ### Description In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method is now called after the security check. **This is a BC break.** ### Resolution The sandbox mode now ensures access to array-like's properties is allowed. The patch for this issue is available [here](https://github.com/twigphp/Twig/commit/ec39a9dccc5fb4eaaba55e5d79a6f84a8dd8b69d) for the 3.11.x branch, and [here](https://github.com/twigphp/Twig/commit/b957e5a44cc0075d04ccff52f8fa9d8e6db3e3a0) for the 3.x branch. ### Credits We would like to thank Jamie Schouten for reporting the issue and Nicolas Grekas for providing the fix.

3.20.0-2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T16:00:46.717328+00:00	Debian Importer	Affected by	VCID-272f-nexb-tqe8	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-07-01T15:57:02.667260+00:00	Debian Importer	Affected by	VCID-8921-71jv-uubp	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-07-01T15:33:51.284117+00:00	Debian Importer	Affected by	VCID-zwzx-hces-hkfk	https://security-tracker.debian.org/tracker/data/json	36.1.3