CVE-2015-7809

Description

Twig remote code execution in templates

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://openwall.com/lists/oss-security/2015/08/21/3
• http://openwall.com/lists/oss-security/2015/10/11/2
• http://symfony.com/blog/security-release-twig-1-20-0
• http://www.debian.org/security/2015/dsa-3343
• https://github.com/fabpot/Twig/commit/30be07759a3de2558da5224f127d052ecf492e8f
• https://github.com/twigphp/Twig/pull/1759
• https://nvd.nist.gov/vuln/detail/CVE-2015-7809
• https://github.com/twigphp/Twig/commit/30be07759a3de2558da5224f127d052ecf492e8f
• https://github.com/FriendsOfPHP/security-advisories/blob/master/twig/twig/CVE-2015-7809.yaml
• https://github.com/twigphp/Twig
• https://symfony.com/blog/security-release-twig-1-20-0

CWEs

CWE-264