Search CVE reports
21 – 21 of 21 results
Ignored
Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications...
2 affected packages
twig, php-twig
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| twig | — | Not in release | Not in release | Not in release | Not affected |
| php-twig | — | Not affected | Not affected | Not affected | Not in release |