twig/twig Security Advisories for v2.4.1 (3)
-
[HIGH] Possibility to load a template outside a configured directory when using the filesystem loader
PKSA-n7sg-8f52-pqtf CVE-2022-39261 GHSA-52m2-vc4m-jj33
Affected version: >=1.0.0,<1.44.7|>=2.0.0,<2.15.3|>=3.0.0,<3.4.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] Disallow non closures in the sort filter
PKSA-8kk8-h2xr-h5nx CVE-2022-23614 GHSA-5mv2-rx3q-4w2v
Affected version: >=2.0.0,<2.14.11|>=3.0.0,<3.3.8
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[LOW] Sandbox Information Disclosure
PKSA-6cvh-gt46-wq7q CVE-2019-9942 GHSA-vxrc-68xx-x48g
Affected version: <1.38.0|>=2.0.0,<2.7.0
Reported by:
GitHub, FriendsOfPHP/security-advisories