Lucene search
Veracode Vulnerability DatabaseVERACODE:32387HistoryOct 05, 2021 - 8:05 p.m.
Supply Chain Attack
2021-10-0520:05:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.003 Low
EPSS
Percentile
68.2%
composer is vulnerable to supply chain attack. The vulnerability exists due to a lack of validation of untrusted dependencies which allows command injection via dependencies during installation.
Related
prion
prion
Command injection
2021-10-05 18:15:00
debiancve
debiancve
CVE-2021-41116
2021-10-05 18:15:08
alpinelinux
alpinelinux
CVE-2021-41116
2021-10-05 18:15:08
osv
osv
BIT-composer-2021-41116
2024-03-06 10:51:26
CVE-2021-41116
2021-10-05 18:15:08
ubuntucve
ubuntucve
CVE-2021-41116
2021-10-05 00:00:00
nvd
nvd
CVE-2021-41116
2021-10-05 18:15:08
github
github
friendsofphp
friendsofphp
cvelist
cvelist
CVE-2021-41116 Command injection in composer on Windows
2021-10-05 17:40:10
cve
cve
CVE-2021-41116
2021-10-05 18:15:08
suse
suse
Security update for php-composer (important)
2022-05-10 00:00:00
nessus
nessus
openSUSE 15 Security Update : php-composer (openSUSE-SU-2022:0132-1)
2022-05-11 00:00:00
Tenable SecurityCenter < 5.21.0 Multiple Vulnerabilities (TNS-2022-09)
2022-05-10 00:00:00