Security Advisories - phpunit/phpunit - Packagist.org

phpunit/phpunit Security Advisories for 12.5.21 (2)

[HIGH] PHPUnit: Argument injection via newline in PHP INI values forwarded to child processes

PKSA-qccq-2pht-gg3w GHSA-mh6w-vxff-9wqp

Affected version: >=13.1.5,<13.1.6|>=12.5.21,<12.5.22

Reported by:
GitHub
[HIGH] Argument injection via newline in PHP INI values forwarded to child processes

PKSA-5jz8-6tcw-pbk4 CVE-2026-41570 GHSA-qrr6-mg7r-m243

Affected version: >=12.5.21,<12.5.22|>=13.1.5,<13.1.6

Reported by:
GitHub, FriendsOfPHP/security-advisories