Packagist (Composer) package
zenstruck/collection
pkg:composer/zenstruck/collection
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37473 | — | < 0.2.1 | 0.2.1 | Jul 14, 2023 | zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing _callable strings_ (ie `system`) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has be |
- CVE-2023-37473Jul 14, 2023affected < 0.2.1fixed 0.2.1
zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing _callable strings_ (ie `system`) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has be