rpm package
opensuse/php-composer&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/php-composer&distro=openSUSE%20Leap%2015.2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-29472 | — | < 1.10.22-bp153.2.3.1 | 1.10.22-bp153.2.3.1 | Apr 27, 2021 | Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. |
- CVE-2021-29472Apr 27, 2021affected < 1.10.22-bp153.2.3.1fixed 1.10.22-bp153.2.3.1
Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system.