| Release | Version |
|---|---|
| buster | 1.8.4-1+deb10u2 |
| buster (security) | 1.8.4-1+deb10u1 |
| bullseye | 2.0.9-2+deb11u1 |
| bookworm | 2.5.5-1 |
| trixie | 2.6.5-1 |
| sid | 2.6.5-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-43655 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Composer is a dependency manager for PHP. Users publishing a composer. ... |
| Bug | Description |
|---|---|
| CVE-2022-24828 | Composer is a dependency manager for the PHP programming language. Int ... |
| CVE-2021-41116 | Composer is an open source dependency manager for the PHP language. In ... |
| CVE-2021-29472 | Composer is a dependency manager for PHP. URLs for Mercurial repositor ... |
| CVE-2015-8371 | Composer before 2016-02-10 allows cache poisoning from other projects ... |
| DSA / DLA | Description |
|---|---|
| DLA-2654-1 | composer - security update |
| DSA-4907-1 | composer - security update |