twig/twig

License

Unknown>=v1.7.0, <v1.13.1;

Known vulnerabilities in the twig/twig package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Allocation of Resources Without Limits or Throttling	<3.26.0
L Incorrect Authorization	>=3.9.0, <3.26.0
M Incorrect Authorization	<3.26.0
M Incorrect Authorization	>=3.24.0, <3.26.0
C Arbitrary Code Injection	>=3.15.0, <3.26.0
C Arbitrary Code Injection	<3.26.0
M Incorrect Authorization	<3.26.0
M Incorrect Authorization	>=3.9.0, <3.26.0
M Incorrect Authorization	<3.26.0
M Cross-site Scripting (XSS)	<3.26.0
M Cross-site Scripting (XSS)	>=3.0.0, <3.26.0
M Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	>=3.16.0, <3.19.0
L Protection Mechanism Failure	<3.11.2>=3.12.0, <3.14.1
L Protection Mechanism Failure	<3.11.2>=3.12.0, <3.14.1
M Protection Mechanism Failure	>=1.0.0, <1.44.8>=2.0.0, <2.16.1>=3.0.0, <3.11.1>=3.12.0, <3.14.0
M Path Traversal	>=1.0.0, <1.12.3
H Directory Traversal	<1.44.7>=2.0.0, <2.15.3>=3.0.0, <3.4.3
H Improper Input Validation	>=2.1.0, <2.14.11>=3.0.1, <3.3.8
M Access Restriction Bypass	<1.20.0
M Information Exposure	>=1.0.0, <1.38.0>=2.0.0, <2.7.0
H Arbitrary Code Execution	<1.20.0
L Arbitrary Template Inclusion	>=1.0.0, <1.12.3