Skip to content

Comments

Fix for CVE-2025-67746#16

Merged
henzeb merged 1 commit intohenzeb:mainfrom
BinaryKitten:patch-1
Jan 5, 2026
Merged

Fix for CVE-2025-67746#16
henzeb merged 1 commit intohenzeb:mainfrom
BinaryKitten:patch-1

Conversation

@BinaryKitten
Copy link
Contributor

@BinaryKitten BinaryKitten commented Jan 5, 2026

Summary

CVE-2025-67746 has a minimum requirement for composer 2.9.3 to be fixed.
This updates the enumhancer requirements to be at least that. This should prevent issues.

Details

As part of updating our application we had a security alert via snyk that composer was outdated and possibly issue - it mentioned that the problem was introduced via henzeb/enumhancer@3.2.0 - investigating this should be an simple update - with a minor change to the composer.json.

image image

@BinaryKitten
Fix for CVE-2025-67746
d462f4e 
CVE-2025-67746 has a minimum requirement for composer 2.9.3 to be fixed. This updates the enumhancer requirements to be at least that. This should prevent issues.
@henzeb henzeb merged commit f5970d0 into henzeb:main Jan 5, 2026
6 checks passed
@BinaryKitten BinaryKitten deleted the patch-1 branch January 5, 2026 11:15
@BinaryKitten
Copy link
Contributor Author

BinaryKitten commented Jan 5, 2026

@henzeb - sorry to be a pain, but any chance you could tag/release this?

@henzeb
Copy link
Owner

henzeb commented Jan 5, 2026

@henzeb - sorry to be a pain, but any chance you could tag/release this?

done! Enjoy!

@BinaryKitten
Copy link
Contributor Author

BinaryKitten commented Jan 5, 2026

Thank you :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@henzeb henzeb henzeb approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BinaryKitten @henzeb