[Git][security-tracker-team/security-tracker][master] new twig issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 27 19:18:42 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
89d1f5d9 by Moritz Muehlenhoff at 2026-05-27T20:18:28+02:00
new twig issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2026-46636
+ - php-twig <unfixed>
+ NOTE: https://symfony.com/blog/cve-2026-46636-sandbox-filter-tag-and-function-allow-list-bypass-when-sandbox-state-changes-between-renders
+CVE-2026-48806
+ - php-twig <unfixed>
+ [trixie] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ [bookworm] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ [bullseye] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ NOTE: https://symfony.com/blog/cve-2026-48806-sandbox-tostring-policy-bypass-via-dynamic-mapping-keys
+CVE-2026-48807
+ - php-twig <unfixed>
+ [trixie] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ [bookworm] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ [bullseye] - php-twig <not-affected> (Fix for CVE-2026-47732 not yet shipped)
+ NOTE: https://symfony.com/blog/cve-2026-48807-sandbox-tostring-policy-bypass-via-traversable-in-join-replace-and-in-not-in-operators
+CVE-2026-48808
+ - php-twig <unfixed>
+ [trixie] - php-twig <not-affected> (Fix for CVE-2026-46635 not yet shipped)
+ [bookworm] - php-twig <not-affected> (Fix for CVE-2026-46635 not yet shipped)
+ [bullseye] - php-twig <not-affected> (Fix for CVE-2026-46635 not yet shipped)
+ NOTE: https://symfony.com/blog/cve-2026-48808-sandbox-property-allowlist-bypass-via-the-column-filter-under-sourcepolicyinterface
+CVE-2026-48805
+ - php-twig <unfixed>
+ NOTE: https://symfony.com/blog/cve-2026-48805-sandbox-state-regression-in-deprecated-internal-wrappers-in-src-resources-core-php
CVE-2026-47770
- jq 1.8.1-7
NOTE: https://github.com/jqlang/jq/commit/7122866869960b55cea3646bc91334ef55787831
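Review bot: The `<not-affected>` lines for trixie, bookworm and bullseye under CVE-2026-48806, CVE-2026-48807 and CVE-2026-48808 are conditional on the fixes for CVE-2026-47732 and CVE-2026-46635 not having shipped in those releases, so they become stale as soon as either fix is uploaded there. A cross-referencing NOTE line on the CVE-2026-47732 and CVE-2026-46635 entries would make sure whoever prepares that update re-triages these three. As a minor style point, CVE-2026-48805 is added after CVE-2026-48808, out of sequence with the 48806 to 48808 run above it.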
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89d1f5d98c6fd03d55a81016752d2613eba2ebc5