Описание
Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). This issue has been patched in versions 3.11.2 and 3.14.1. All users are advised to upgrade. There are no known workarounds for this issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| php-twig | fixed | 3.14.2-1 | package | |
| php-twig | no-dsa | bookworm | package | |
| twig | removed | package |
Примечания
https://github.com/twigphp/Twig/security/advisories/GHSA-6377-hfv9-hqf6
Fixed by: https://github.com/twigphp/Twig/commit/2bb8c2460a2c519c498df9b643d5277117155a73 (v3.14.1)
EPSS
Связанные уязвимости
Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). This issue has been patched in versions 3.11.2 and 3.14.1. All users are advised to upgrade. There are no known workarounds for this issue.
Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). This issue has been patched in versions 3.11.2 and 3.14.1. All users are advised to upgrade. There are no known workarounds for this issue.
Twig has unguarded calls to `__toString()` when nesting an object into an array
EPSS