Vulnerabilities > Symfony > Twig > 1.38.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-09 | CVE-2024-45411 | Unspecified vulnerability in Symfony Twig Twig is a template language for PHP. | 8.6 |
| 2022-09-28 | CVE-2022-39261 | Path Traversal vulnerability in multiple products Twig is a template language for PHP. | 7.5 |
| 2018-07-10 | CVE-2018-13818 | Code Injection vulnerability in Symfony Twig Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. | 9.8 |
| 2001-12-31 | CVE-2001-1537 | Cleartext Storage of Sensitive Information vulnerability in Symfony Twig The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges. | 7.5 |