Lucene search
SuseOPENSUSE-SU-2022:0132-1HistoryMay 10, 2022 - 12:00 a.m.
Security update for php-composer (important)
2022-05-1000:00:00
lists.opensuse.org
31
php-composer
update
vulnerabilities
command injection
hgdriver
gitdriver
EPSS
0.004
Percentile
73.7%
An update that fixes two vulnerabilities is now available.
Description:
This update for php-composer fixes the following issues:
php-composer was updated to version 1.10.26:
- Security: Fixed command injection vulnerability in HgDriver/GitDriver:
CVE-2022-24828 boo#1198494
Update to version 1.10.25
- Fix regression with PHP 8.1.0 and 8.1.1
Update to version 1.10.24
- Fixed PHP 8.1 compatibility
Update to version 1.10.23
- Security: Fixed command injection vulnerability CVE-2021-41116
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-132=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP3 | noarch | - opensuse backports sle | < 15-SP3 (noarch): | - openSUSE Backports SLE-15-SP3 (noarch):.noarch.rpm |
Related
nessus
nessus
openSUSE 15 Security Update : php-composer (openSUSE-SU-2022:0132-1)
2022-05-11 00:00:00
SUSE SLES15 Security Update : php-composer2 (SUSE-SU-2022:3020-1)
2022-09-06 00:00:00
prion
prion
Command injection
2021-10-05 18:15:00
Code injection
2022-04-13 21:15:00
debiancve
debiancve
CVE-2021-41116
2021-10-05 18:15:08
CVE-2022-24828
2022-04-13 21:15:07
ubuntucve
ubuntucve
CVE-2021-41116
2021-10-05 00:00:00
CVE-2022-24828
2022-04-13 00:00:00
alpinelinux
alpinelinux
CVE-2021-41116
2021-10-05 18:15:08
CVE-2022-24828
2022-04-13 21:15:07
osv
osv
BIT-composer-2021-41116
2024-03-06 10:51:26
php-composer2-2.1.12-1.1 on GA media
2024-06-15 00:00:00
veracode
veracode
Supply Chain Attack
2021-10-05 20:05:41
Remote Code Execution (RCE)
2022-04-14 07:25:40
fedora
fedora
[SECURITY] Fedora 34 Update: composer-2.2.12-1.fc34
2022-04-21 20:57:39
[SECURITY] Fedora 35 Update: composer-2.3.5-1.fc35
2022-04-21 21:22:30
[SECURITY] Fedora 36 Update: composer-2.3.5-1.fc36
2022-05-07 05:00:15
openvas
openvas
Fedora: Security Advisory for composer (FEDORA-2022-60ec715192)
2022-05-08 00:00:00
openSUSE: Security Advisory for php-composer2 (SUSE-SU-2022:3020-1)
2022-09-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3020-1)
2022-09-05 00:00:00
nvd
nvd
CVE-2021-41116
2021-10-05 18:15:08
CVE-2022-24828
2022-04-13 21:15:07
github
github
Missing input validation can lead to command execution in composer
2022-04-22 20:15:38
cve
cve
CVE-2022-24828
2022-04-13 21:15:07
CVE-2021-41116
2021-10-05 18:15:08
friendsofphp
friendsofphp
Missing input validation can lead to command execution in composer
2022-04-13 14:54:58
cvelist
cvelist
CVE-2021-41116 Command injection in composer on Windows
2021-10-05 17:40:10
suse
suse
Security update for php-composer2 (important)
2022-09-05 00:00:00
freebsd
freebsd
Composer -- Command injection vulnerability
2022-04-13 00:00:00
thn
thn
Researchers Report Supply Chain Vulnerability in Packagist PHP Repository
2022-10-04 15:09:00
redos
redos
ROS-20240626-10
2024-06-26 00:00:00