Vulnerabilidades en composer
11 resultadosCVE-2021-29472HIGHMissing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial in composerEPSS 4.8%CVE-2024-35242HIGHComposer vulnerable to command injection via malicious git/hg branch namesEPSS 3.3%CVE-2021-41116HIGHCommand injection in composer on WindowsEPSS 2.9%CVE-2022-24828HIGHMissing input validation can lead to command execution in composerEPSS 1.8%CVE-2023-43655MEDIUMRemote Code Execution via web-accessible composer.pharEPSS 1.4%CVE-2026-40261HIGHComposer has Command Injection via Malicious Perforce ReferenceEPSS 1.3%CVE-2024-35241HIGHComposer vulnerable to command injection via malicious git branch nameEPSS 1.0%CVE-2026-40176HIGHComposer is vulnerable to Command Injection via Malicious Perforce RepositoryEPSS 1.0%CVE-2025-67746LOWComposer vulnerable to ANSI sequence injectionEPSS 0.4%CVE-2020-15145MEDIUMLocal privilege elevation in Composer-Setup for WindowsEPSS 0.4%CVE-2024-24821HIGHCode execution and possible privilege escalation via compromised InstalledVersions.php or installed.php in ComposerEPSS 0.3%