| Package | php-nette |
|---|---|
| Version | 2.1.5-1+deb8u1 |
| Related CVEs | CVE-2020-15227 |
php-nette, a PHP MVC framework, is vulnerable to a code injection attack by passing specially formed parameters to URL that may possibly leading to remote code execution.
For Debian 8 jessie, these problems have been fixed in version 2.1.5-1+deb8u1.
We recommend that you upgrade your php-nette packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.