Lucene search
HistoryNov 06, 2015 - 9:59 p.m.
CVE-2015-7809
cve
2015
7809
remote code execution
sensio labs twig
security vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.072
Percentile
94.1%
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template.
Affected configurations
Node
symfonytwigRange≤1.19.0
Related
friendsofphp
friendsofphp
Remote code execution in templates
2015-08-12 15:53:50
openvas
openvas
Debian: Security Advisory (DSA-3343-1)
2015-08-25 00:00:00
Debian Security Advisory DSA 3343-1 (twig - security update)
2015-08-26 00:00:00
ubuntucve
ubuntucve
CVE-2015-7809
2015-11-06 00:00:00
osv
osv
twig - security update
2015-08-26 00:00:00
nessus
nessus
Debian DSA-3343-1 : twig - security update
2015-08-27 00:00:00
github
github
Twig remote code execution in templates
2022-05-14 02:03:50
nvd
nvd
CVE-2015-7809
2015-11-06 21:59:12
veracode
veracode
Arbitrary Code Execution
2017-07-19 22:37:00
debiancve
debiancve
CVE-2015-7809
2015-11-06 21:59:12
cvelist
cvelist
CVE-2015-7809
2015-11-06 21:00:00
prion
prion
Code injection
2015-11-06 21:59:00
freebsd
freebsd
pear-twig -- remote code execution
2015-08-12 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.072
Percentile
94.1%
Related for CVE-2015-7809