Security Advisories - twig/twig - Packagist

twig/twig Security Advisories for v1.11.1 (4)

[HIGH] Possibility to load a template outside a configured directory when using the filesystem loader

PKSA-n7sg-8f52-pqtf CVE-2022-39261 GHSA-52m2-vc4m-jj33

Affected version: >=1.0.0,<1.44.7|>=2.0.0,<2.15.3|>=3.0.0,<3.4.3

Reported by:
GitHub, FriendsOfPHP/security-advisories
[LOW] Sandbox Information Disclosure

PKSA-6cvh-gt46-wq7q CVE-2019-9942 GHSA-vxrc-68xx-x48g

Affected version: <1.38.0|>=2.0.0,<2.7.0

Reported by:
GitHub, FriendsOfPHP/security-advisories
Remote code execution in templates

PKSA-19rw-dqx2-75hc CVE-2015-7809

Affected version: <1.20.0

Reported by:
FriendsOfPHP/security-advisories
Vulnerability in the filesystem loader

PKSA-g1zx-twcw-9z6k

Affected version: >=1.0.0,<1.12.3

Reported by:
FriendsOfPHP/security-advisories