[Git][security-tracker-team/security-tracker][master] php-twig fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu May 21 12:18:07 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7393e999 by Moritz Muehlenhoff at 2026-05-21T13:17:41+02:00
php-twig fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,43 +2,43 @@ CVE-2026-47732
 	- php-twig <not-affected> (Introduced in 3.25)
 	NOTE: https://symfony.com/blog/cve-2026-47732-sandbox-multiple-tostring-policy-bypasses-via-unguarded-string-coercion-points
 CVE-2026-46634
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	[bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.9.0)
 	[bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.9.0)
 	NOTE: https://symfony.com/blog/cve-2026-46634-template-from-string-escapes-a-sourcepolicy-driven-sandbox-via-synthesized-template-name
 CVE-2026-46627
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46627-sandbox-does-not-protect-against-resource-exhaustion
 CVE-2026-46635
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46635-sandbox-property-allowlist-bypass-via-the-column-filter-array-column-on-objects
 CVE-2026-46628
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46628-the-spaceless-filter-implicitly-marks-its-output-as-safe
 CVE-2026-46629
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46629-unbounded-formatter-memoisation-in-twig-intl-extra-keyed-on-template-controlled-arguments
 CVE-2026-46633
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46633-php-code-injection-via-use-template-name
 CVE-2026-47730
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	[bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.0.0)
 	NOTE: https://symfony.com/blog/cve-2026-47730-xss-in-profiler-htmldumper-via-unescaped-template-and-profile-names
 CVE-2026-46637
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46637-html-output-filters-in-twig-extras-incorrectly-declared-is-safe-all
 CVE-2026-46638
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-46638-sandbox-include-skips-checksecurity-on-cached-templates-incomplete-fix-for-cve-2024-45411
 CVE-2026-46639
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	[trixie] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.24)
 	[bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.24)
 	[bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.24)
 	NOTE: https://symfony.com/blog/cve-2026-46639-sandbox-property-and-method-bypass-via-object-destructuring-assignment
 CVE-2026-46640
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	[bookworm] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.15)
 	[bullseye] - php-twig <not-affected> (Vulnerable code not present, introduced in 3.15)
 	NOTE: https://symfony.com/blog/cve-2026-46640-arbitrary-php-code-execution-via-self-string-macro-reference-compilation
@@ -390,7 +390,7 @@ CVE-2026-25602 (Insufficient Verification of Data Authenticity vulnerability in
 CVE-2026-24573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24425 (Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass ...)
-	- php-twig <unfixed>
+	- php-twig 3.26.0-1
 	NOTE: https://symfony.com/blog/cve-2026-24425-possible-sandbox-bypass-when-using-a-source-policy
 CVE-2026-22554 (MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vu ...)
 	TODO: check



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7393e9991c712a66db17772d984cc5d2371efb96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7393e9991c712a66db17772d984cc5d2371efb96
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260521/3d3984fa/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list