exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2021-41116

больше 4 лет назад

Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.

CVSS3: 8.2

EPSS: Низкий

CVE-2021-41116

больше 4 лет назад

Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.

CVSS3: 8.2

EPSS: Низкий

CVE-2021-41116

больше 4 лет назад

Composer is an open source dependency manager for the PHP language. In ...

CVSS3: 8.2

EPSS: Низкий

GHSA-frqg-7g38-6gcf

больше 4 лет назад

Improper escaping of command arguments on Windows leading to command injection

CVSS3: 8.2

EPSS: Низкий

openSUSE-SU-2022:0132-1

больше 3 лет назад

Security update for php-composer

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-41116 Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.	CVSS3: 8.2	1% Низкий	больше 4 лет назад
CVE-2021-41116 Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.	CVSS3: 8.2	1% Низкий	больше 4 лет назад
CVE-2021-41116 Composer is an open source dependency manager for the PHP language. In ...	CVSS3: 8.2	1% Низкий	больше 4 лет назад
GHSA-frqg-7g38-6gcf Improper escaping of command arguments on Windows leading to command injection	CVSS3: 8.2	1% Низкий	больше 4 лет назад
openSUSE-SU-2022:0132-1 Security update for php-composer			больше 3 лет назад

Уязвимостей на страницу