Possibility to load a template outside a configured directory when using the filesystem loader

CVE-2022-39261

Affected version: >=1.0.0,<1.44.7|>=2.0.0,<2.15.3|>=3.0.0,<3.4.3

Reported by:
GitHub, FriendsOfPHP/security-advisories

Sandbox Information Disclosure

CVE-2019-9942

Affected version: <1.38.0|>=2.0.0,<2.7.0

Reported by:
GitHub, FriendsOfPHP/security-advisories

Remote code execution in templates

CVE-2015-7809

Affected version: <1.20.0

Reported by:
FriendsOfPHP/security-advisories

Vulnerability in the filesystem loader

Affected version: >=1.0.0,<1.12.3

Reported by:
FriendsOfPHP/security-advisories