CVE-2015-8371 — Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of — CVE Database · The Intelligence Room