Vulnerabilities > Getcomposer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-09 | CVE-2024-24821 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Getcomposer Composer Composer is a dependency Manager for the PHP language. | 7.8 |
2023-09-29 | CVE-2023-43655 | Injection vulnerability in multiple products Composer is a dependency manager for PHP. | 8.8 |
2023-09-21 | CVE-2015-8371 | Insufficient Verification of Data Authenticity vulnerability in Getcomposer Composer 1.0.0 Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. | 8.8 |
2022-04-13 | CVE-2022-24828 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for the PHP programming language. | 8.8 |
2021-10-05 | CVE-2021-41116 | Command Injection vulnerability in multiple products Composer is an open source dependency manager for the PHP language. | 9.8 |
2021-04-27 | CVE-2021-29472 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for PHP. | 8.8 |
2020-08-14 | CVE-2020-15145 | Incorrect Default Permissions vulnerability in Getcomposer Composer-Setup In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. | 4.4 |