Vulnerabilities > Getcomposer

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2024-24821 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Getcomposer Composer
Composer is a dependency Manager for the PHP language.
local
low complexity
getcomposer CWE-829
7.8
7.8
2023-09-29 CVE-2023-43655 Injection vulnerability in multiple products
Composer is a dependency manager for PHP.
network
low complexity
getcomposer fedoraproject CWE-74
8.8
8.8
2023-09-21 CVE-2015-8371 Insufficient Verification of Data Authenticity vulnerability in Getcomposer Composer 1.0.0
Composer before 2016-02-10 allows cache poisoning from other projects built on the same host.
network
low complexity
getcomposer CWE-345
8.8
8.8
2022-04-13 CVE-2022-24828 Argument Injection or Modification vulnerability in multiple products
Composer is a dependency manager for the PHP programming language.
network
low complexity
getcomposer tenable fedoraproject CWE-88
8.8
8.8
2021-10-05 CVE-2021-41116 Command Injection vulnerability in multiple products
Composer is an open source dependency manager for the PHP language.
network
low complexity
getcomposer tenable CWE-77
critical
 9.8
9.8
2021-04-27 CVE-2021-29472 Argument Injection or Modification vulnerability in multiple products
Composer is a dependency manager for PHP.
network
low complexity
getcomposer debian fedoraproject CWE-88
8.8
8.8
2020-08-14 CVE-2020-15145 Incorrect Default Permissions vulnerability in Getcomposer Composer-Setup
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 		4.4
4.4