Search for packages
| purl | pkg:deb/debian/twig@1.16.2-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2qfc-daza-aaap
Aliases: CVE-2019-9942 GHSA-vxrc-68xx-x48g |
Sandbox Information Disclosure |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-61jk-7nam-aaaf
Aliases: CVE-2018-13818 |
** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it. |
Affected by 1 other vulnerability. |
|
VCID-bcv4-ry3v-aaab
Aliases: CVE-2022-39261 GHSA-52m2-vc4m-jj33 |
Twig may load a template outside a configured directory when using the filesystem loader |
Affected by 0 other vulnerabilities. |
|
VCID-yzvj-hyq6-aaar
Aliases: CVE-2015-7809 GHSA-xw83-pwrm-9j74 |
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template. |
Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T16:55:35.970077+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:47:18.441196+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:31:30.739513+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:20:26.895287+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:50:00.978862+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T09:50:13.968649+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-20T23:37:26.463379+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.1.3 |
| 2025-06-20T22:01:00.740058+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.1.3 |
| 2025-06-20T19:56:29.838624+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.1.3 |
| 2025-06-20T19:45:33.811677+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | None | 36.1.3 |
| 2025-06-08T09:40:44.432310+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:32:32.704222+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:30:38.771190+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:44:16.581063+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:25:46.258161+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T03:38:53.550204+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T17:00:23.127994+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.1.0 |
| 2025-06-07T15:24:35.715771+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.1.0 |
| 2025-06-07T13:46:48.140049+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.1.0 |
| 2025-06-07T13:37:40.340765+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | None | 36.1.0 |
| 2025-04-08T08:13:09.361521+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T08:04:56.439562+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:01:56.636341+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:15:21.647501+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:55:44.623056+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:06:40.715926+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T15:33:35.174266+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.0.0 |
| 2025-04-07T13:55:53.717961+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.0.0 |
| 2025-04-07T12:21:56.533085+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.0.0 |
| 2025-04-07T12:13:05.652905+00:00 | Debian Oval Importer | Affected by | VCID-yzvj-hyq6-aaar | None | 36.0.0 |