Search for packages
| purl | pkg:deb/debian/twig@1.24.0-2%2Bdeb9u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2qfc-daza-aaap
Aliases: CVE-2019-9942 GHSA-vxrc-68xx-x48g |
Sandbox Information Disclosure |
Affected by 1 other vulnerability. |
|
VCID-61jk-7nam-aaaf
Aliases: CVE-2018-13818 |
** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it. |
Affected by 1 other vulnerability. |
|
VCID-bcv4-ry3v-aaab
Aliases: CVE-2022-39261 GHSA-52m2-vc4m-jj33 |
Twig may load a template outside a configured directory when using the filesystem loader |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2qfc-daza-aaap | Sandbox Information Disclosure |
CVE-2019-9942
GHSA-vxrc-68xx-x48g |
| VCID-yzvj-hyq6-aaar | The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template. |
CVE-2015-7809
GHSA-xw83-pwrm-9j74 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T00:39:25.062716+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.1.3 |
| 2025-06-21T16:55:35.973900+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:47:18.445426+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:31:30.744778+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:20:26.899458+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:50:00.984096+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-20T23:37:26.467365+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.1.3 |
| 2025-06-20T23:08:46.863965+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.1.3 |
| 2025-06-20T22:01:00.744320+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.1.3 |
| 2025-06-20T20:15:30.946692+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | None | 36.1.3 |
| 2025-06-20T19:56:29.842171+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | None | 36.1.3 |
| 2025-06-08T09:40:44.435965+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:32:32.707389+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:30:38.774852+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:44:16.584209+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:25:46.262281+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-07T17:00:23.131224+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.1.0 |
| 2025-06-07T16:31:56.483138+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.1.0 |
| 2025-06-07T15:24:35.718972+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.1.0 |
| 2025-06-07T13:55:31.240642+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | None | 36.1.0 |
| 2025-06-07T13:46:48.152032+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | None | 36.1.0 |
| 2025-04-08T08:13:09.372074+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T08:04:56.451848+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:01:56.646700+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:15:21.657643+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:55:44.632873+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-07T15:33:35.185447+00:00 | Debian Oval Importer | Affected by | VCID-bcv4-ry3v-aaab | None | 36.0.0 |
| 2025-04-07T15:03:58.701100+00:00 | Debian Oval Importer | Affected by | VCID-2qfc-daza-aaap | None | 36.0.0 |
| 2025-04-07T13:55:53.728682+00:00 | Debian Oval Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.0.0 |
| 2025-04-07T12:30:16.874158+00:00 | Debian Oval Importer | Fixing | VCID-yzvj-hyq6-aaar | None | 36.0.0 |
| 2025-04-07T12:21:56.544064+00:00 | Debian Oval Importer | Fixing | VCID-2qfc-daza-aaap | None | 36.0.0 |
| 2025-04-05T19:37:56.389819+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 36.0.0 |
| 2025-02-19T01:27:34.033649+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 35.1.0 |
| 2024-11-21T23:04:08.426624+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 35.0.0 |
| 2024-11-19T22:08:29.976133+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.3.2 |
| 2024-10-08T23:14:35.661288+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.0.2 |
| 2024-09-18T11:31:05.272117+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.0.1 |
| 2024-04-24T12:27:42.729141+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.0.0rc4 |
| 2024-01-10T14:21:47.210785+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.0.0rc2 |
| 2024-01-04T05:19:37.743017+00:00 | Debian Importer | Affected by | VCID-61jk-7nam-aaaf | None | 34.0.0rc1 |