Information on source package php-twig

Available versions

ReleaseVersion
bullseye2.14.3-1+deb11u2
bullseye (security)2.14.3-1+deb11u4
bookworm3.5.1-1+deb12u1
trixie3.20.0-2
sid3.26.0-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2026-47730fixedvulnerablevulnerablefixed
CVE-2026-46640fixedfixedvulnerablefixed
CVE-2026-46638vulnerablevulnerablevulnerablefixed
CVE-2026-46637vulnerablevulnerablevulnerablefixed
CVE-2026-46635vulnerablevulnerablevulnerablefixed
CVE-2026-46634fixedfixedvulnerablefixed
CVE-2026-46633vulnerablevulnerablevulnerablefixed
CVE-2026-46629vulnerablevulnerablevulnerablefixed
CVE-2026-46628vulnerablevulnerablevulnerablefixed
CVE-2026-46627vulnerablevulnerablevulnerablefixed
CVE-2026-24425vulnerablevulnerablevulnerablefixedTwig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass ...
CVE-2025-24374vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedTwig is a template language for PHP. When using the ?? operator, outpu ...
CVE-2024-51755vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedTwig is a template language for PHP. In a sandbox, an attacker can acc ...
CVE-2024-51754fixedvulnerable (no DSA)fixedfixedTwig is a template language for PHP. In a sandbox, an attacker can cal ...

Resolved issues

BugDescription
CVE-2026-47732
CVE-2026-46639
CVE-2024-45411Twig is a template language for PHP. Under some circumstances, the san ...
CVE-2022-39261Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x ...
CVE-2022-23614Twig is an open source template language for PHP. When in a sandbox mo ...

Security announcements

DSA / DLADescription
DLA-4186-1php-twig - security update
DSA-5771-1php-twig - security update
DLA-3888-1php-twig - security update
DSA-5248-1php-twig - security update
DSA-5107-1php-twig - security update
Search for package or bug name: Reporting problems