### [CVE-2024-51754](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51754)
![](https://img.shields.io/static/v1?label=Product&message=Twig&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%203.11.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3E%3D%203.12.0%2C%20%3C%203.14.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-668%3A%20Exposure%20of%20Resource%20to%20Wrong%20Sphere&color=brightgreen)

### Description

Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance). This issue has been patched in versions 3.11.2 and 3.14.1. All users are advised to upgrade. There are no known workarounds for this issue.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security