Information on source package composer

Available versions

ReleaseVersion
stretch1.2.2-1+deb9u3
stretch (security)1.2.2-1+deb9u1
buster1.8.4-1+deb10u4
bullseye2.0.9-2+deb11u4
bookworm2.5.5-1+deb12u2
trixie2.8.4-1
sid2.8.4-1

Open issues

BugstretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-43655fixedfixedvulnerable (no DSA)vulnerable (no DSA, postponed)fixedfixedComposer is a dependency manager for PHP. Users publishing a composer. ...

Resolved issues

BugDescription
CVE-2024-35242Composer is a dependency manager for PHP. On the 2.x branch prior to v ...
CVE-2024-35241Composer is a dependency manager for PHP. On the 2.x branch prior to v ...
CVE-2024-24821Composer is a dependency Manager for the PHP language. In affected ver ...
CVE-2022-24828Composer is a dependency manager for the PHP programming language. Int ...
CVE-2021-41116Composer is an open source dependency manager for the PHP language. In ...
CVE-2021-29472Composer is a dependency manager for PHP. URLs for Mercurial repositor ...
CVE-2015-8371Composer before 2016-02-10 allows cache poisoning from other projects ...

Security announcements

DSA / DLADescription
DSA-5715-2composer - regression update
DLA-3838-1composer - security update
ELA-1114-1composer - security update
DSA-5715-1composer - security update
ELA-1096-1composer - security update
DLA-3777-1composer - security update
DSA-5632-1composer - security update
DLA-2654-1composer - security update
DSA-4907-1composer - security update

Search for package or bug name: Reporting problems