{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T18:53:37.325","vulnerabilities":[{"cve":{"id":"CVE-2024-51755","sourceIdentifier":"security-advisories@github.com","published":"2024-11-06T20:15:06.077","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Twig is a template language for PHP. In a sandbox, an attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method is now called after the security check. This is a BC break. This issue has been patched in versions 3.11.2 and 3.14.1. All users are advised to upgrade. There are no known workarounds for this issue."},{"lang":"es","value":"Twig es un lenguaje de plantillas para PHP. En un entorno aislado, un atacante puede acceder a los atributos de objetos similares a matrices, ya que no fueron comprobados por la política de seguridad. Ahora se comprueban a través de la política de propiedades y se llama al método `__isset()` después de la comprobación de seguridad. Esto es una falla de BC. Este problema se ha corregido en las versiones 3.11.2 y 3.14.1. Se recomienda a todos los usuarios que actualicen. No hay workarounds para este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.2,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-668"}]}],"references":[{"url":"https://github.com/twigphp/Twig/commit/831c148e786178e5f2fde9db67266be3bf241c21","source":"security-advisories@github.com"},{"url":"https://github.com/twigphp/Twig/security/advisories/GHSA-jjxq-ff2g-95vh","source":"security-advisories@github.com"}]}}]}