A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks

A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks

In this article, you will learn A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks. A New Critical PHP Composer Bug Could Enable Widespread Supply-Chain Attacks — PATCH it Now!

The maintainers of Composer, a package manager for PHP, have shipped an update to address a critical vulnerability that could have allowed an attacker to execute arbitrary commands and "backdoor every PHP package," resulting in a supply-chain attack.

Tracked as CVE-2021-29472, the security issue was discovered and reported on April 22 by researchers from  SonarSource, following which a hotfix was deployed less than 12 hours later.

"Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders," Composer  said its  release notes for versions 2.0.13 and 1.10.22 published on Wednesday. "To the best of our knowledge the vulnerability has not been exploited."

php

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Hire PHP Developer - Best PHP Web Frameworks for Web Development

Hire our Laravel, CodeIgniter, YII, Zend, Cake PHP, Core PHP developers for your custom web development projects. Choose best PHP Web Frameworks & get satisfactory results.

Hire PHP Developer

Looking to develop a PHP based website from scratch or revamp your existing website? **[HourlyDeveloper.io](https://hourlydeveloper.io/ "HourlyDeveloper.io")** has always been an industry leader for companies and business owners looking to hire...

Noteworthy PHP Development Tools that a PHP Developer should know in 2021!

![This is image title](https://telegra.ph/file/856eae74f33107c93ca2c.jpg "This is image title") Hypertext Preprocessor, commonly known as PHP, happens to be one of the most widely used server-side scripting languages for developing web...

Top PHP web development company| PHP development services India

Are you looking for a php web development company? ValueCoders is a leading software company with 16+ years of experience offering PHP website development services to global clients. 4200+ projects | 2500+ Clients| 450+ Experts.

Custom PHP Development Company | PHP Web Development Service

One programming language that has its root in Website development even at present is PHP Website Development. The PHP programming is executed on the server side which means it functions on web servers which helps the website in its...