all InfoSec news
USN-5947-1: Twig vulnerabilities
March 13, 2023, 10:55 a.m. |
Ubuntu security notices ubuntu.com
policies when dealing with objects automatically cast to strings by PHP.
An attacker could possibly use this issue to expose sensitive information.
This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.
(CVE-2019-9942)
Marlon Starkloff discovered that Twig was not properly enforcing closure
constraints in some of its array filtering functions. An attacker could
possibly use this issue to execute arbitrary code. This issue was only
fixed …
array code constraints cve functions information issue php policies sandbox sensitive information strings ubuntu usn vulnerabilities
More from ubuntu.com / Ubuntu security notices
USN-6726-2: Linux kernel (IoT) vulnerabilities
1 day, 10 hours ago |
ubuntu.com
USN-6725-2: Linux kernel (AWS) vulnerabilities
1 day, 11 hours ago |
ubuntu.com
USN-6724-2: Linux kernel vulnerabilities
1 day, 12 hours ago |
ubuntu.com
USN-6736-1: klibc vulnerabilities
1 day, 20 hours ago |
ubuntu.com
USN-6735-1: Node.js vulnerabilities
1 day, 20 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Ford Pro Tech and FCSD Tech – Product Manager, Cyber Security
@ Ford Motor Company | Chennai, Tamil Nadu, India
Cloud Data Encryption and Cryptography Automation Expert
@ Ford Motor Company | Chennai, Tamil Nadu, India
SecOps Analyst
@ Atheneum | Berlin, Berlin, Germany
Consulting Director, Cloud Security, Proactive Services (Unit 42)
@ Palo Alto Networks | Santa Clara, CA, United States