CVE-2025-24374 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerabi…
Medium CVSS: 4.3

CVE-2025-24374

Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.
Vendor
-
Product
-
CWE
CWE-74
Yayın Tarihi
2025-01-29 16:15:44
Güncelleme
2025-01-29 16:15:44
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-74 MEDIUM 2025

Referanslar

https://github.com/twigphp/Twig/commit/38576b12f05df3cc871bf68f39ccb46b418334a3 https://github.com/twigphp/Twig/security/advisories/GHSA-3xg3-cgvq-2xwr