Twig: Sandbox Information Disclosure

Affected versions¶ Twig 1.0.0 to 1.37.1 and 2.0.0 to 2.6.2 are affected by this security issue. The issue has been fixed in Twig 1.38.0 and 2.7.0. Description¶ This vulnerability affects the sandbox mode of Twig. If you are not using the sandbox, your code is not affected. Twig allows the evaluation of non-trusted templates in…