Package        : twig
CVE ID         : CVE-2019-9942

Fabien Potencier discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This could result in potential information disclosure.

This problem has been fixed in version 1.24.0-2+deb9u1.

For the detailed security status of twig please refer to its security tracker page at: https://security-tracker.debian.org/tracker/twig