CVE-2025-24374

Опубликовано: 29 янв. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.

Ссылки

EPSS

Процентиль: 34%

0.00141

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-74

Связанные уязвимости

CVE-2025-24374

CVSS3: 4.3

ubuntu

около 1 года назад

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.

CVE-2025-24374

CVSS3: 4.3

debian

около 1 года назад

Twig is a template language for PHP. When using the ?? operator, outpu ...

GHSA-3xg3-cgvq-2xwr

CVSS3: 4.3

github

около 1 года назад

Twig security issue where escaping was missing when using null coalesce operator

EPSS

Процентиль: 34%

0.00141

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-74