SB2025021858 - Debian update for php-twig

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025021858

SB2025021858 - Debian update for php-twig

Published: February 18, 2025

Security Bulletin ID SB2025021858
CSH Severity
High
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Protection Mechanism Failure (CVE-ID: CVE-2024-45411)

CWE-ID: CWE-693 - Protection Mechanism Failure

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to sandbox security checks are not run under some circumstances. An attacker can bypass the sandbox restrictions.


Remediation

Install update from vendor's website.

References