Skip to content

Tags: thomashohn/Fluid

Tags

2.6.1

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.5.5

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.4.1

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.3.5

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.2.1

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.1.4

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.0.5

[BUGFIX] Ensure escaping of escapable ExpressionNode

Prevents a potential security issue when expression
nodes are used to output variables, in which case,
they would not be properly escaped.

The fix implements escaping interception for these
expression nodes.

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C

2.6.0

[CLEANUP] Fix phpdoc parameter type (TYPO3#423)

2.5.4

[BUGFIX] Fix ternary condition behaviors (TYPO3#394)

* [BUGFIX] Fix ternary condition behaviors

This patch corrects the following problems for
ternary conditions:

* Dotted paths were not detected correctly.
* The “then” part was mandatory
* Negating the condition did not work correctly

All three described cases are working now.

* [TASK] Use common shorthand ternary notation

Avoid people thinking that spaces are necessary here.

2.5.3

[BUGFIX] Fix Countable- and multibyte support in conditions (TYPO3#380)