CVE-2024-45411: Twig has a possible sandbox bypass

First published: Mon Sep 09 2024(Updated: )

### Description Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. The security issue happens when all these conditions are met: * The sandbox is disabled globally; * The sandbox is enabled via a sandboxed `include()` function which references a template name (like `included.twig`) and not a `Template` or `TemplateWrapper` instance; * The included template has been loaded before the `include()` call but in a non-sandbox context (possible as the sandbox has been globally disabled). ### Resolution The patch ensures that the sandbox security checks are always run at runtime. ### Credits We would like to thank Fabien Potencier for reporting and fixing the issue.

Credit: security-advisories@github.com security-advisories@github.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/title
• agent/weakness
• agent/type
• agent/first-publish-date
• agent/description
• agent/author
• collector/mitre-cve
• source/MITRE
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/severity
• agent/remedy
• collector/github-advisory-latest
• source/GitHub
• alias/GHSA-6j75-5wfj-gh66
• alias/CVE-2024-45411
• agent/last-modified-date
• agent/references
• agent/tags
• agent/softwarecombine
• collector/nvd-cve
• agent/event
• collector/github-advisory
• agent/trending
• vendor/symfony
• canonical/symfony twig
• version/symfony twig/1.0.0
• version/symfony twig/2.0.0
• version/symfony twig/3.0.0
• package-manager/composer