CVE-2022-23614

⚠️ high

Summary

Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to code injection of arbitrary PHP code. Patched versions now disallow calling non Closure in the `sort` filter as is the case for some other filters. Users are advised to upgrade.

CVSS Score

8.8

High

EPSS Score

34.9

Exploit Probability

Published Date

2022-02-04

First Seen: 2026-01-05

📊 Relative Risk Intelligence

This CVE is High Risk - more severe than 81.1% of all 330,193 vulnerabilities in our database.

#62,466

Top 25% most severe

Severity Percentile

🎯 CISA SSVC Assessment Updated: Apr 23, 2025

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2024-11-21

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-74 CWE-94

📦 Affected Products 5

Vendor	Product	Status	Affected Versions
debian	debian_linux	Affected	v11.0
fedoraproject	fedora	Affected	v34
fedoraproject	fedora	Affected	v35
symfony	twig	Affected	≥ 2.0.0 < 2.14.11
symfony	twig	Affected	≥ 3.0.0 < 3.3.8

🔗 References 8

https://github.com/twigphp/Twig/commit/22b9dc3c03ee6...

Patch Third Party Advisory

https://github.com/twigphp/Twig/commit/2eb3308055861...

Patch Third Party Advisory

https://github.com/twigphp/Twig/security/advisories/...

Third Party Advisory

https://lists.fedoraproject.org/archives/list/packag...

https://www.debian.org/security/2022/dsa-5107

Third Party Advisory

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-49975	⚠️ high	7.5	9.9	Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service vi...	2026-06-08
CVE-2026-24425	⚠️ high	8.8	0.1	Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface ...	2026-05-20
CVE-2026-31431	⚠️ high	7.8	2.2	In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla...	2026-04-22
CVE-2026-35093	⚠️ high	8.8	0.0	A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or ...	2026-04-01
CVE-2026-35094	ℹ️ low	3.3	0.0	A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can expl...	2026-04-01
CVE-2026-4775	⚠️ high	7.8	0.6	A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the ...	2026-03-24

These CVEs affect the same products