Описание
Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| oracular | not-affected | code not present |
| plucky | not-affected | |
| questing | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.
Twig is a template language for PHP. When using the ?? operator, outpu ...
Twig security issue where escaping was missing when using null coalesce operator
EPSS
4.3 Medium
CVSS3