Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/222495?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/222495?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.11", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "8.7.11", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.25", "latest_non_vulnerable_version": "14.0.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54229?format=api", "vulnerability_id": "VCID-1ffs-9vj5-27hk", "summary": "Path Traversal\nDue to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, default `_fileDenyPattern_` successfully blocked files like `_.htaccess_` or `_malicious.php_`. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78584", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "CVE-2021-21357", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58469?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80039?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80040?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80041?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ffs-9vj5-27hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41131?format=api", "vulnerability_id": "VCID-1knh-es99-dubw", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58253?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58254?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-168" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1knh-es99-dubw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40622?format=api", "vulnerability_id": "VCID-1prg-c74k-37ec", "summary": "Code Injection\nArbitrary Code Execution via File List Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-158" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1prg-c74k-37ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40079?format=api", "vulnerability_id": "VCID-2m67-xdxz-ryc2", "summary": "Improper Authentication\nAuthentication Bypass in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56075?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-b92x-56ng-3ygy" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56076?format=api", "purl": "pkg:composer/typo3/cms-core@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.3.2" } ], "aliases": [ "GMS-2018-81" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2m67-xdxz-ryc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41121?format=api", "vulnerability_id": "VCID-6ffw-r4k7-5qf8", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58253?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58254?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-167" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ffw-r4k7-5qf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40631?format=api", "vulnerability_id": "VCID-6q7t-kdrg-8qc3", "summary": "Security Misconfiguration for Backend User Accounts.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-153" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q7t-kdrg-8qc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40618?format=api", "vulnerability_id": "VCID-6rgp-dzw1-kycx", "summary": "Cross-site Scripting\nCross-Site Scripting in Bootstrap CSS toolkit.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-156" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rgp-dzw1-kycx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40095?format=api", "vulnerability_id": "VCID-7ch1-q9f4-a7bt", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nIn Bootstrap, XSS is possible in the data-target property of scrollspy.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07723", "scoring_system": "epss", "scoring_elements": "0.92076", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041" }, { "reference_url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/twbs/bootstrap", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26423", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26423" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26627" }, { "reference_url": "https://github.com/twbs/bootstrap/pull/26630", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/pull/26630" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616", "reference_id": "1601616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "reference_id": "CVE-2018-14041", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml", "reference_id": "CVE-2018-14041.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml" }, { "reference_url": "https://github.com/advisories/GHSA-pj7m-g53m-7638", "reference_id": "GHSA-pj7m-g53m-7638", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pj7m-g53m-7638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5693", "reference_id": "RHSA-2023:5693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5693" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "CVE-2018-14041", "GHSA-pj7m-g53m-7638" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ch1-q9f4-a7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41119?format=api", "vulnerability_id": "VCID-82ds-xda8-5ye4", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58253?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58254?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-169" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82ds-xda8-5ye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54219?format=api", "vulnerability_id": "VCID-848u-w88s-5bbe", "summary": "Unrestricted Upload of File with Dangerous Type\nDue to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default `_fileDenyPattern_` successfully blocked files like `_.htaccess_` or `_malicious.php_`. Additionally, `_UploadedFileReferenceConverter_` transforming uploaded files into proper FileReference domain model objects handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, `_UploadedFileReferenceConverter_` accepts any file mime-type and persists files in the default location. In any way, uploaded files are placed in the default location `_/fileadmin/user_upload/_`, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62059", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "CVE-2021-21355", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58469?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80039?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80040?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80041?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-848u-w88s-5bbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40956?format=api", "vulnerability_id": "VCID-8sek-v483-8ueu", "summary": "Code Injection\nPossible Arbitrary Code Execution in Image Processing.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57971?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/57972?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-162" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sek-v483-8ueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40495?format=api", "vulnerability_id": "VCID-b92x-56ng-3ygy", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Frontend Record Registration.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms-core@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-2m67-xdxz-ryc2" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-3ebd-765h-j3g7" }, { "vulnerability": "VCID-3hta-35zx-zuc4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4q6d-bd3h-t7f4" }, { "vulnerability": "VCID-4rfq-u488-sbh5" }, { "vulnerability": "VCID-51k2-j834-pffb" }, { "vulnerability": "VCID-5nq2-nchj-fkc8" }, { "vulnerability": "VCID-5ync-ktk5-23gh" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-78ff-k66z-bkh7" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7r4g-gxc6-hubh" }, { "vulnerability": "VCID-7snt-7hyt-1fbx" }, { "vulnerability": "VCID-8216-asqx-f7eb" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-87ej-qn3k-t3dy" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9mpc-hjjh-u3d2" }, { "vulnerability": "VCID-a1g9-pyz5-9fca" }, { "vulnerability": "VCID-an3r-c2yp-1bbd" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bzqv-s7g3-wff9" }, { "vulnerability": "VCID-cf9m-qdyj-eyav" }, { "vulnerability": "VCID-cgny-nmk3-4fcd" }, { "vulnerability": "VCID-cq82-qt6v-dfhz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-dzrt-8tny-kbcy" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-eq57-btkt-hug8" }, { "vulnerability": "VCID-etcc-43a3-a7ek" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-f9pk-cwyr-a7cv" }, { "vulnerability": "VCID-fgkd-jp96-cbcs" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g3t9-1yx2-6ufd" }, { "vulnerability": "VCID-gemf-j9uj-jka1" }, { "vulnerability": "VCID-gvag-nxmd-s7d1" }, { "vulnerability": "VCID-hfcx-1kuh-p3ez" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-hr6r-88m3-9udv" }, { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-ke39-846j-kbh3" }, { "vulnerability": "VCID-myhc-dyh9-xygg" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qtyt-338b-ayay" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rzx5-nv6h-qqhg" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uhrk-ad4f-nqgh" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-uua1-9rt1-dfbz" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-w94g-xxea-23fb" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x3n3-tsjh-8kby" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-y3zj-acc7-jkau" }, { "vulnerability": "VCID-yf3d-yyzq-guh1" }, { "vulnerability": "VCID-ygw1-vqxg-z3h3" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-z718-97ez-r7g3" }, { "vulnerability": "VCID-zbm9-cx69-wqg3" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.0.0" } ], "aliases": [ "GMS-2018-91" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b92x-56ng-3ygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40084?format=api", "vulnerability_id": "VCID-cf9m-qdyj-eyav", "summary": "Privilege Escalation & SQL Injection in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56075?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-b92x-56ng-3ygy" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56076?format=api", "purl": "pkg:composer/typo3/cms-core@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.3.2" } ], "aliases": [ "GMS-2018-83" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf9m-qdyj-eyav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40637?format=api", "vulnerability_id": "VCID-cg7w-xkyg-abgj", "summary": "Improper Access Control\nBroken Access Control in Localization Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms-core@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-2m67-xdxz-ryc2" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-3ebd-765h-j3g7" }, { "vulnerability": "VCID-3hta-35zx-zuc4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4q6d-bd3h-t7f4" }, { "vulnerability": "VCID-4rfq-u488-sbh5" }, { "vulnerability": "VCID-51k2-j834-pffb" }, { "vulnerability": "VCID-5nq2-nchj-fkc8" }, { "vulnerability": "VCID-5ync-ktk5-23gh" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-78ff-k66z-bkh7" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7r4g-gxc6-hubh" }, { "vulnerability": "VCID-7snt-7hyt-1fbx" }, { "vulnerability": "VCID-8216-asqx-f7eb" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-87ej-qn3k-t3dy" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9mpc-hjjh-u3d2" }, { "vulnerability": "VCID-a1g9-pyz5-9fca" }, { "vulnerability": "VCID-an3r-c2yp-1bbd" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bzqv-s7g3-wff9" }, { "vulnerability": "VCID-cf9m-qdyj-eyav" }, { "vulnerability": "VCID-cgny-nmk3-4fcd" }, { "vulnerability": "VCID-cq82-qt6v-dfhz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-dzrt-8tny-kbcy" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-eq57-btkt-hug8" }, { "vulnerability": "VCID-etcc-43a3-a7ek" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-f9pk-cwyr-a7cv" }, { "vulnerability": "VCID-fgkd-jp96-cbcs" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g3t9-1yx2-6ufd" }, { "vulnerability": "VCID-gemf-j9uj-jka1" }, { "vulnerability": "VCID-gvag-nxmd-s7d1" }, { "vulnerability": "VCID-hfcx-1kuh-p3ez" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-hr6r-88m3-9udv" }, { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-ke39-846j-kbh3" }, { "vulnerability": "VCID-myhc-dyh9-xygg" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qtyt-338b-ayay" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rzx5-nv6h-qqhg" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uhrk-ad4f-nqgh" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-uua1-9rt1-dfbz" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-w94g-xxea-23fb" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x3n3-tsjh-8kby" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-y3zj-acc7-jkau" }, { "vulnerability": "VCID-yf3d-yyzq-guh1" }, { "vulnerability": "VCID-ygw1-vqxg-z3h3" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-z718-97ez-r7g3" }, { "vulnerability": "VCID-zbm9-cx69-wqg3" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.0.0" } ], "aliases": [ "GMS-2019-154" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cg7w-xkyg-abgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41125?format=api", "vulnerability_id": "VCID-cv9x-ea8e-pufu", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58253?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58254?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cv9x-ea8e-pufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40508?format=api", "vulnerability_id": "VCID-daz8-j1ns-rkgt", "summary": "Information Disclosure in Install Tool.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-89" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-daz8-j1ns-rkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41126?format=api", "vulnerability_id": "VCID-e8ze-umec-a7hx", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58253?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58254?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-165" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ze-umec-a7hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40499?format=api", "vulnerability_id": "VCID-e9jc-8mpp-fkgh", "summary": "Security Misconfiguration in Install Tool Cookie.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-88" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9jc-8mpp-fkgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54233?format=api", "vulnerability_id": "VCID-ev4k-5k1d-2bhu", "summary": "URL Redirection to Untrusted Site (Open Redirect)\nLogin Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48774", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "CVE-2021-21338", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58469?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80039?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80040?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80041?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev4k-5k1d-2bhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54220?format=api", "vulnerability_id": "VCID-fqkx-v8t5-q3h6", "summary": "Cleartext Storage of Sensitive Information\nUser session identifiers are stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - for example SQL injection in any other component of the system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32224", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "CVE-2021-21339", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58469?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80039?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80040?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80041?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkx-v8t5-q3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40081?format=api", "vulnerability_id": "VCID-hfcx-1kuh-p3ez", "summary": "Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56075?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-b92x-56ng-3ygy" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56076?format=api", "purl": "pkg:composer/typo3/cms-core@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.3.2" } ], "aliases": [ "GMS-2018-82" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hfcx-1kuh-p3ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40957?format=api", "vulnerability_id": "VCID-hnyk-614g-yuhy", "summary": "Security Misconfiguration in User Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57971?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/57972?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-161" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnyk-614g-yuhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54221?format=api", "vulnerability_id": "VCID-jp1p-rfxa-hyd9", "summary": "Cross-site Scripting\nContent elements of type `_menu_` are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57112", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "CVE-2021-21370", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58469?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80039?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80040?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80041?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jp1p-rfxa-hyd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40630?format=api", "vulnerability_id": "VCID-k8r2-2ak8-qkak", "summary": "Cross-site Scripting\nCross-Site Scripting in Form Framework.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-157" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8r2-2ak8-qkak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40628?format=api", "vulnerability_id": "VCID-n56h-zuzr-ruhf", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid `ViewHelpers`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-155" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n56h-zuzr-ruhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40498?format=api", "vulnerability_id": "VCID-nyw8-q5ef-2fcv", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Online Media Asset Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-90" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyw8-q5ef-2fcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40502?format=api", "vulnerability_id": "VCID-pwh8-c992-vqav", "summary": "Cross-site Scripting\nCross-Site Scripting in CKEditor.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-92" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pwh8-c992-vqav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40965?format=api", "vulnerability_id": "VCID-qr1u-kcn9-cuf6", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid Engine.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57971?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/57972?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cbmm-1b2k-8qaz" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-160" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qr1u-kcn9-cuf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40440?format=api", "vulnerability_id": "VCID-qxab-9uwr-yqhv", "summary": "Cross-site Scripting\nCKEditor allows user-assisted XSS involving a source-mode paste.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02024", "scoring_system": "epss", "scoring_elements": "0.84092", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17960" }, { "reference_url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released" }, { "reference_url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/" }, { "reference_url": "https://ckeditor.com/cke4/release/CKEditor-4.11.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://ckeditor.com/cke4/release/CKEditor-4.11.0" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005" }, { "reference_url": "https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217", "reference_id": "1015217", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17960", "reference_id": "CVE-2018-17960", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17960" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml", "reference_id": "CVE-2018-17960.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml", "reference_id": "CVE-2018-17960.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-g68x-vvqq-pvw3", "reference_id": "GHSA-g68x-vvqq-pvw3", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g68x-vvqq-pvw3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "CVE-2018-17960", "GHSA-g68x-vvqq-pvw3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxab-9uwr-yqhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53815?format=api", "vulnerability_id": "VCID-tgyt-axv1-c7ag", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 that fix the problem described.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.5838", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227", "reference_id": "CVE-2020-26227", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140217?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.38", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.38" }, { "url": "http://public2.vulnerablecode.io/api/packages/79202?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/79195?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6urp-p9mn-cffv" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-c46m-ht19-ybc4" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26227", "GHSA-vqqx-jw6p-q3rf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tgyt-axv1-c7ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40493?format=api", "vulnerability_id": "VCID-uaf3-fyst-u7gm", "summary": "Cross-site Scripting\nCross-Site Scripting in Backend Modal Component.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-86" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uaf3-fyst-u7gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40510?format=api", "vulnerability_id": "VCID-uncp-sa58-ufdd", "summary": "Cross-site Scripting\nCross-Site Scripting in Online Media Asset Rendering.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-85" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uncp-sa58-ufdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40626?format=api", "vulnerability_id": "VCID-wm4a-hcvt-vkbk", "summary": "Information Disclosure of Installed Extensions.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56444?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/56445?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-152" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wm4a-hcvt-vkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40506?format=api", "vulnerability_id": "VCID-z2bk-m2kw-h3c9", "summary": "Cross-site Scripting\nCross-Site Scripting in Frontend User Login.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57058?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57059?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2" } ], "aliases": [ "GMS-2018-87" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2bk-m2kw-h3c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40083?format=api", "vulnerability_id": "VCID-zbm9-cx69-wqg3", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-004/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56075?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-b92x-56ng-3ygy" }, { "vulnerability": "VCID-cg7w-xkyg-abgj" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56076?format=api", "purl": "pkg:composer/typo3/cms-core@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1knh-es99-dubw" }, { "vulnerability": "VCID-1prg-c74k-37ec" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-23ss-xwrm-1qcu" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6ffw-r4k7-5qf8" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6q7t-kdrg-8qc3" }, { "vulnerability": "VCID-6rgp-dzw1-kycx" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-82ds-xda8-5ye4" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8sek-v483-8ueu" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cv9x-ea8e-pufu" }, { "vulnerability": "VCID-daz8-j1ns-rkgt" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-e8ze-umec-a7hx" }, { "vulnerability": "VCID-e9jc-8mpp-fkgh" }, { "vulnerability": "VCID-efrn-3w2z-xyaf" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hnyk-614g-yuhy" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k8r2-2ak8-qkak" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-n56h-zuzr-ruhf" }, { "vulnerability": "VCID-nyw8-q5ef-2fcv" }, { "vulnerability": "VCID-pwh8-c992-vqav" }, { "vulnerability": "VCID-qr1u-kcn9-cuf6" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-uaf3-fyst-u7gm" }, { "vulnerability": "VCID-uncp-sa58-ufdd" }, { "vulnerability": "VCID-v7b1-x8hy-2kcg" }, { "vulnerability": "VCID-wm4a-hcvt-vkbk" }, { "vulnerability": "VCID-x5jb-yj3d-qbdf" }, { "vulnerability": "VCID-z2bk-m2kw-h3c9" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zhcb-h8ph-7uhk" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.3.2" } ], "aliases": [ "GMS-2018-84" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbm9-cx69-wqg3" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.11" }