Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Latte is an open source template engine for PHP. Users unable to upgrade should not accept template input from untrusted sources.
The allowFunctions restriction can be bypassed, which affects the security of the application. When a template is configured to allow or disallow the use of certain functions, adding control characters (\x00-\x08) after the function name bypasses these restrictions.
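A screening check for the condition described above, as an added example that is not part of the advisory or of Latte: it scans template source for bytes 0x00-0x08 and reports the identifier each one follows, so such a template can be rejected before it is compiled. The function name `findControlBytes`, the report layout and the sample template are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Added example (not Latte code; name and report layout are hypothetical).
 * Finds control bytes 0x00-0x08 in template source.
 *
 * @return list<array{line:int, offset:int, byte:string, after:string}>
 */
function findControlBytes(string $template): array
{
    $hits = [];
    // PREG_OFFSET_CAPTURE returns the byte offset of every match.
    if (!preg_match_all('/[\x00-\x08]/', $template, $m, PREG_OFFSET_CAPTURE)) {
        return $hits;
    }
    foreach ($m[0] as [$byte, $offset]) {
        $before = substr($template, 0, $offset);
        // Identifier directly before the byte (e.g. a function name),
        // skipping any earlier control bytes in the same run.
        preg_match('/([A-Za-z_][A-Za-z0-9_]*)[\x00-\x08]*$/', $before, $id);
        $hits[] = [
            'line'   => substr_count($before, "\n") + 1,
            'offset' => $offset,
            'byte'   => sprintf('\\x%02x', ord($byte)),
            'after'  => $id[1] ?? '',
        ];
    }
    return $hits;
}

// Constructed sample: byte 0x01 follows a placeholder function name.
$sample = 'Hello {$name}' . "\n" . '{=example_fn' . chr(1) . '($name)}' . "\n";

$hits = findControlBytes($sample);
foreach ($hits as $hit) {
    printf(
        "line %d, offset %d: %s after '%s'\n",
        $hit['line'], $hit['offset'], $hit['byte'], $hit['after']
    );
}
if ($hits !== []) {
    // Refuse the template instead of passing it on to the engine.
    fwrite(STDERR, "template rejected: control bytes present\n");
}
```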