Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@6.2.29
Typecomposer
Namespacetypo3
Namecms
Version6.2.29
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-5jgb-dsyx-hyb4
vulnerability_id VCID-5jgb-dsyx-hyb4
summary 
Open Redirection in Login Handling
### Problem
It has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.

### Solution
Update to TYPO3 versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described.

### Credits
Thanks to Alexander Kellner who reported this issue and to TYPO3 security team member Torben Hansen who fixed the issue.

### References
* [TYPO3-CORE-SA-2021-001](https://typo3.org/security/advisory/typo3-core-sa-2021-001)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.48593
published_at 2026-04-08T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48598
published_at 2026-04-21T12:55:00Z
2
value 0.00253
scoring_system epss
scoring_elements 0.4861
published_at 2026-04-11T12:55:00Z
3
value 0.00253
scoring_system epss
scoring_elements 0.48529
published_at 2026-04-01T12:55:00Z
4
value 0.00253
scoring_system epss
scoring_elements 0.48589
published_at 2026-04-09T12:55:00Z
5
value 0.00253
scoring_system epss
scoring_elements 0.48564
published_at 2026-04-02T12:55:00Z
6
value 0.00253
scoring_system epss
scoring_elements 0.48587
published_at 2026-04-04T12:55:00Z
7
value 0.00253
scoring_system epss
scoring_elements 0.48539
published_at 2026-04-07T12:55:00Z
8
value 0.00253
scoring_system epss
scoring_elements 0.48641
published_at 2026-04-18T12:55:00Z
9
value 0.00253
scoring_system epss
scoring_elements 0.48646
published_at 2026-04-16T12:55:00Z
10
value 0.00253
scoring_system epss
scoring_elements 0.48596
published_at 2026-04-13T12:55:00Z
11
value 0.00253
scoring_system epss
scoring_elements 0.48584
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
5
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-001
7
reference_url https://github.com/advisories/GHSA-4jhw-2p6j-5wmp
reference_id GHSA-4jhw-2p6j-5wmp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4jhw-2p6j-5wmp
fixed_packages
0
url pkg:composer/typo3/cms@6.2.57
purl pkg:composer/typo3/cms@6.2.57
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.57
1
url pkg:composer/typo3/cms@7.6.51
purl pkg:composer/typo3/cms@7.6.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n15v-ta9h-6ffb
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51
2
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ekfd-wp8z-d7e1
1
vulnerability VCID-n15v-ta9h-6ffb
2
vulnerability VCID-s64f-x81f-b7ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
3
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5paq-5frf-43ed
1
vulnerability VCID-6a9t-8dmn-s3bv
2
vulnerability VCID-bajy-qbwq-fufn
3
vulnerability VCID-ekfd-wp8z-d7e1
4
vulnerability VCID-mnz3-rj21-67ad
5
vulnerability VCID-n15v-ta9h-6ffb
6
vulnerability VCID-s64f-x81f-b7ce
7
vulnerability VCID-t1n7-eswt-73gw
8
vulnerability VCID-ve7g-8st5-wffb
9
vulnerability VCID-vyvy-y3cw-hbgr
10
vulnerability VCID-y32z-2d3f-gkgw
11
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
4
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-4jpa-6fqh-hbfg
2
vulnerability VCID-5paq-5frf-43ed
3
vulnerability VCID-6a9t-8dmn-s3bv
4
vulnerability VCID-8sdd-b1bn-cuhx
5
vulnerability VCID-av8u-rvzq-4fc7
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-e32h-8q61-hbgc
8
vulnerability VCID-ekfd-wp8z-d7e1
9
vulnerability VCID-mnz3-rj21-67ad
10
vulnerability VCID-n15v-ta9h-6ffb
11
vulnerability VCID-remd-55jh-r3g5
12
vulnerability VCID-s55j-8hbt-akhn
13
vulnerability VCID-s64f-x81f-b7ce
14
vulnerability VCID-t1n7-eswt-73gw
15
vulnerability VCID-ve7g-8st5-wffb
16
vulnerability VCID-vwb2-a84s-5qak
17
vulnerability VCID-vyvy-y3cw-hbgr
18
vulnerability VCID-w13x-3rp9-wyej
19
vulnerability VCID-y32z-2d3f-gkgw
20
vulnerability VCID-yj9g-uz1a-jkf2
21
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
5
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-4jpa-6fqh-hbfg
2
vulnerability VCID-5paq-5frf-43ed
3
vulnerability VCID-6a9t-8dmn-s3bv
4
vulnerability VCID-8sdd-b1bn-cuhx
5
vulnerability VCID-av8u-rvzq-4fc7
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-e32h-8q61-hbgc
8
vulnerability VCID-ekfd-wp8z-d7e1
9
vulnerability VCID-mnz3-rj21-67ad
10
vulnerability VCID-n15v-ta9h-6ffb
11
vulnerability VCID-remd-55jh-r3g5
12
vulnerability VCID-s55j-8hbt-akhn
13
vulnerability VCID-s64f-x81f-b7ce
14
vulnerability VCID-t1n7-eswt-73gw
15
vulnerability VCID-uyeu-a3xr-fkh4
16
vulnerability VCID-ve7g-8st5-wffb
17
vulnerability VCID-vwb2-a84s-5qak
18
vulnerability VCID-vyvy-y3cw-hbgr
19
vulnerability VCID-w13x-3rp9-wyej
20
vulnerability VCID-y32z-2d3f-gkgw
21
vulnerability VCID-yj9g-uz1a-jkf2
22
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21338, GHSA-4jhw-2p6j-5wmp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jgb-dsyx-hyb4
1
url VCID-dsu7-jjjq-f3e1
vulnerability_id VCID-dsu7-jjjq-f3e1
summary 
Cleartext storage of session identifier
### Problem
User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system.

### Solution
Update to TYPO3 versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described.

### Credits
Thanks to TYPO3 security team member Oliver Hader who reported this issue and to TYPO3 core & security team members Benni Mack & Oliver Hader who fixed the issue.

### References
* [TYPO3-CORE-SA-2021-006](https://typo3.org/security/advisory/typo3-core-sa-2021-006)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32661
published_at 2026-04-07T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32736
published_at 2026-04-11T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32671
published_at 2026-04-01T12:55:00Z
3
value 0.00132
scoring_system epss
scoring_elements 0.32735
published_at 2026-04-09T12:55:00Z
4
value 0.00132
scoring_system epss
scoring_elements 0.32804
published_at 2026-04-02T12:55:00Z
5
value 0.00132
scoring_system epss
scoring_elements 0.3284
published_at 2026-04-04T12:55:00Z
6
value 0.00132
scoring_system epss
scoring_elements 0.32709
published_at 2026-04-08T12:55:00Z
7
value 0.00132
scoring_system epss
scoring_elements 0.32659
published_at 2026-04-21T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.32688
published_at 2026-04-18T12:55:00Z
9
value 0.00132
scoring_system epss
scoring_elements 0.32711
published_at 2026-04-16T12:55:00Z
10
value 0.00132
scoring_system epss
scoring_elements 0.32672
published_at 2026-04-13T12:55:00Z
11
value 0.00132
scoring_system epss
scoring_elements 0.327
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
5
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-006
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-006
7
reference_url https://github.com/advisories/GHSA-qx3w-4864-94ch
reference_id GHSA-qx3w-4864-94ch
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qx3w-4864-94ch
fixed_packages
0
url pkg:composer/typo3/cms@6.2.57
purl pkg:composer/typo3/cms@6.2.57
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.57
1
url pkg:composer/typo3/cms@7.6.51
purl pkg:composer/typo3/cms@7.6.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n15v-ta9h-6ffb
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51
2
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ekfd-wp8z-d7e1
1
vulnerability VCID-n15v-ta9h-6ffb
2
vulnerability VCID-s64f-x81f-b7ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
3
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5paq-5frf-43ed
1
vulnerability VCID-6a9t-8dmn-s3bv
2
vulnerability VCID-bajy-qbwq-fufn
3
vulnerability VCID-ekfd-wp8z-d7e1
4
vulnerability VCID-mnz3-rj21-67ad
5
vulnerability VCID-n15v-ta9h-6ffb
6
vulnerability VCID-s64f-x81f-b7ce
7
vulnerability VCID-t1n7-eswt-73gw
8
vulnerability VCID-ve7g-8st5-wffb
9
vulnerability VCID-vyvy-y3cw-hbgr
10
vulnerability VCID-y32z-2d3f-gkgw
11
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
4
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-4jpa-6fqh-hbfg
2
vulnerability VCID-5paq-5frf-43ed
3
vulnerability VCID-6a9t-8dmn-s3bv
4
vulnerability VCID-8sdd-b1bn-cuhx
5
vulnerability VCID-av8u-rvzq-4fc7
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-e32h-8q61-hbgc
8
vulnerability VCID-ekfd-wp8z-d7e1
9
vulnerability VCID-mnz3-rj21-67ad
10
vulnerability VCID-n15v-ta9h-6ffb
11
vulnerability VCID-remd-55jh-r3g5
12
vulnerability VCID-s55j-8hbt-akhn
13
vulnerability VCID-s64f-x81f-b7ce
14
vulnerability VCID-t1n7-eswt-73gw
15
vulnerability VCID-ve7g-8st5-wffb
16
vulnerability VCID-vwb2-a84s-5qak
17
vulnerability VCID-vyvy-y3cw-hbgr
18
vulnerability VCID-w13x-3rp9-wyej
19
vulnerability VCID-y32z-2d3f-gkgw
20
vulnerability VCID-yj9g-uz1a-jkf2
21
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
5
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-4jpa-6fqh-hbfg
2
vulnerability VCID-5paq-5frf-43ed
3
vulnerability VCID-6a9t-8dmn-s3bv
4
vulnerability VCID-8sdd-b1bn-cuhx
5
vulnerability VCID-av8u-rvzq-4fc7
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-e32h-8q61-hbgc
8
vulnerability VCID-ekfd-wp8z-d7e1
9
vulnerability VCID-mnz3-rj21-67ad
10
vulnerability VCID-n15v-ta9h-6ffb
11
vulnerability VCID-remd-55jh-r3g5
12
vulnerability VCID-s55j-8hbt-akhn
13
vulnerability VCID-s64f-x81f-b7ce
14
vulnerability VCID-t1n7-eswt-73gw
15
vulnerability VCID-uyeu-a3xr-fkh4
16
vulnerability VCID-ve7g-8st5-wffb
17
vulnerability VCID-vwb2-a84s-5qak
18
vulnerability VCID-vyvy-y3cw-hbgr
19
vulnerability VCID-w13x-3rp9-wyej
20
vulnerability VCID-y32z-2d3f-gkgw
21
vulnerability VCID-yj9g-uz1a-jkf2
22
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21339, GHSA-qx3w-4864-94ch
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsu7-jjjq-f3e1
2
url VCID-f963-qur3-2qb7
vulnerability_id VCID-f963-qur3-2qb7
summary 
Cross-Site Scripting in Fluid view helpers
> ### Meta
> * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.7)
> * CWE-79

### Problem
It has been discovered that system extension Fluid (`typo3/cms-fluid`) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers.

```
<f:form ... fieldNamePrefix="{payload}" />
<f:be.labels.csh ... label="{payload}" />
<f:be.menus.actionMenu ... label="{payload}" />
```

### Solution
Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.

### Credits
Thanks to TYPO3 security team member Oliver Hader who reported this issue and to TYPO3 security team members Helmut Hummel & Oliver Hader who fixed the issue.

### References
* [TYPO3-CORE-SA-2020-010](https://typo3.org/security/advisory/typo3-core-sa-2020-010)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58104
published_at 2026-04-04T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58115
published_at 2026-04-21T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.5814
published_at 2026-04-18T12:55:00Z
3
value 0.00359
scoring_system epss
scoring_elements 0.58139
published_at 2026-04-16T12:55:00Z
4
value 0.00359
scoring_system epss
scoring_elements 0.58137
published_at 2026-04-09T12:55:00Z
5
value 0.00359
scoring_system epss
scoring_elements 0.57999
published_at 2026-04-01T12:55:00Z
6
value 0.00359
scoring_system epss
scoring_elements 0.58133
published_at 2026-04-08T12:55:00Z
7
value 0.00359
scoring_system epss
scoring_elements 0.58083
published_at 2026-04-02T12:55:00Z
8
value 0.00359
scoring_system epss
scoring_elements 0.58079
published_at 2026-04-07T12:55:00Z
9
value 0.00359
scoring_system epss
scoring_elements 0.58109
published_at 2026-04-13T12:55:00Z
10
value 0.00359
scoring_system epss
scoring_elements 0.5813
published_at 2026-04-12T12:55:00Z
11
value 0.00359
scoring_system epss
scoring_elements 0.58153
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
5
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2020-010
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2020-010
7
reference_url https://github.com/advisories/GHSA-vqqx-jw6p-q3rf
reference_id GHSA-vqqx-jw6p-q3rf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqqx-jw6p-q3rf
fixed_packages
0
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
1
url pkg:composer/typo3/cms@8.0.0
purl pkg:composer/typo3/cms@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1bnd-6xsq-nbec
2
vulnerability VCID-1jcy-nx8g-z3d3
3
vulnerability VCID-1kae-ffj3-xyc7
4
vulnerability VCID-1qjx-grvf-y7bk
5
vulnerability VCID-25t3-1sm6-3kdn
6
vulnerability VCID-28bf-jvah-zkhw
7
vulnerability VCID-2fs8-bscc-3ye2
8
vulnerability VCID-2meq-x4kd-bbdn
9
vulnerability VCID-3gg5-1921-rbfs
10
vulnerability VCID-3n2r-awja-dug9
11
vulnerability VCID-3v4n-fzxa-bfaw
12
vulnerability VCID-435j-f3yx-9yep
13
vulnerability VCID-47px-4d98-ubab
14
vulnerability VCID-4ack-haf2-cfbe
15
vulnerability VCID-4btk-jt5n-2ugf
16
vulnerability VCID-551q-gpyd-ffe8
17
vulnerability VCID-5jgb-dsyx-hyb4
18
vulnerability VCID-5paq-5frf-43ed
19
vulnerability VCID-5ppt-avmb-cqb2
20
vulnerability VCID-5qfv-y43v-akdm
21
vulnerability VCID-5yg8-2cbr-d3as
22
vulnerability VCID-6487-15z5-pkd4
23
vulnerability VCID-6b5q-vzs3-pkcc
24
vulnerability VCID-6wsa-4ywc-8fh4
25
vulnerability VCID-7d1g-j3k5-gub8
26
vulnerability VCID-8jp8-a363-67be
27
vulnerability VCID-9g62-zd1x-3bdg
28
vulnerability VCID-9gpp-ez8w-rqav
29
vulnerability VCID-auw7-pc55-73hj
30
vulnerability VCID-axaf-45kr-kbfe
31
vulnerability VCID-bajy-qbwq-fufn
32
vulnerability VCID-bck9-34jp-6ydx
33
vulnerability VCID-bmj2-4k58-tqa4
34
vulnerability VCID-bnne-7p2q-eqd2
35
vulnerability VCID-bxjw-7426-gyb8
36
vulnerability VCID-c2tm-eqmm-1ugt
37
vulnerability VCID-c6zq-cfg5-u7d9
38
vulnerability VCID-cm14-t8uv-k3es
39
vulnerability VCID-cmka-8484-27bu
40
vulnerability VCID-dbrh-t8zx-nkd9
41
vulnerability VCID-dj88-f3p8-cfbn
42
vulnerability VCID-dm97-51uu-r7gw
43
vulnerability VCID-dquc-7amf-e7cs
44
vulnerability VCID-dsu7-jjjq-f3e1
45
vulnerability VCID-e72u-tpc3-23g3
46
vulnerability VCID-e7sv-4xc2-m3d5
47
vulnerability VCID-eajg-ctpd-2bby
48
vulnerability VCID-ehzg-bzrd-kbcc
49
vulnerability VCID-ekfd-wp8z-d7e1
50
vulnerability VCID-ep6t-zwd1-4bb3
51
vulnerability VCID-euk5-hagy-xqfz
52
vulnerability VCID-f1rq-qudk-zkf2
53
vulnerability VCID-fber-yp9q-f7dr
54
vulnerability VCID-fqbx-7xyq-fkav
55
vulnerability VCID-fy3g-uegw-2bew
56
vulnerability VCID-gcnj-6qb6-pbgz
57
vulnerability VCID-gezz-pvpj-p3c6
58
vulnerability VCID-gspd-apwy-efgu
59
vulnerability VCID-h63t-9enx-qfdn
60
vulnerability VCID-h958-d3pm-kfcs
61
vulnerability VCID-he5m-6wj4-rbhc
62
vulnerability VCID-hpgq-deze-p7dp
63
vulnerability VCID-hv3n-j8ck-1ufx
64
vulnerability VCID-j77k-hjgx-5kc5
65
vulnerability VCID-jppe-cbgm-k3cz
66
vulnerability VCID-jqth-wfgx-87cx
67
vulnerability VCID-k4h1-mvnf-1ybx
68
vulnerability VCID-k8af-cg9k-87a9
69
vulnerability VCID-m3nf-1qbv-d3dj
70
vulnerability VCID-m7w6-b2xu-6uee
71
vulnerability VCID-mnz3-rj21-67ad
72
vulnerability VCID-mqbh-k9n3-nbed
73
vulnerability VCID-mqk6-z77g-bfdv
74
vulnerability VCID-mub5-s7h1-57cy
75
vulnerability VCID-n15v-ta9h-6ffb
76
vulnerability VCID-n61z-6v8a-hygf
77
vulnerability VCID-n78p-x7hh-gqcf
78
vulnerability VCID-nnh9-udcj-m7fv
79
vulnerability VCID-npn5-rand-q3dg
80
vulnerability VCID-nt6a-5zkv-pbcm
81
vulnerability VCID-nwxj-3ajk-rkh5
82
vulnerability VCID-p1u9-66hm-47er
83
vulnerability VCID-p545-vwe6-9kfr
84
vulnerability VCID-pk8d-8u15-5bfq
85
vulnerability VCID-pnfa-cksc-43de
86
vulnerability VCID-prbd-r82t-87dm
87
vulnerability VCID-px44-19tj-h7aa
88
vulnerability VCID-q8hy-wjd9-nbgp
89
vulnerability VCID-q9ak-qcq6-qfhy
90
vulnerability VCID-qb4j-9tz7-m7a2
91
vulnerability VCID-rdrs-mhaw-b3ge
92
vulnerability VCID-rg5d-d8nc-9qfu
93
vulnerability VCID-rzw5-8d1u-sfam
94
vulnerability VCID-s64f-x81f-b7ce
95
vulnerability VCID-shqd-udhm-pff8
96
vulnerability VCID-sr3p-pdxy-4yhu
97
vulnerability VCID-stzu-sxe6-5yf5
98
vulnerability VCID-t1n7-eswt-73gw
99
vulnerability VCID-t3jn-vwbx-u7cr
100
vulnerability VCID-tmrt-6fxw-5ugh
101
vulnerability VCID-tqf5-2fsm-8fch
102
vulnerability VCID-tw1y-t4qj-j3d1
103
vulnerability VCID-uckg-j48d-efad
104
vulnerability VCID-utpu-q2dv-m3hm
105
vulnerability VCID-vndb-w8e1-4ugv
106
vulnerability VCID-vrt1-aj9v-2kb6
107
vulnerability VCID-vxj6-wvyz-zbaq
108
vulnerability VCID-vxry-uvph-kbfd
109
vulnerability VCID-vybh-pxr3-17hn
110
vulnerability VCID-wea9-egep-h7g5
111
vulnerability VCID-wge3-kxdq-f3bz
112
vulnerability VCID-wr5t-xqnn-gkcj
113
vulnerability VCID-wxps-mnue-6bbh
114
vulnerability VCID-xa4m-xpa9-v7h8
115
vulnerability VCID-xh7y-56vy-5ud8
116
vulnerability VCID-xqew-bx7v-1qfk
117
vulnerability VCID-y32z-2d3f-gkgw
118
vulnerability VCID-zawz-vky5-tkgt
119
vulnerability VCID-zdq2-dhb2-6kaq
120
vulnerability VCID-zkea-ge1t-z7gn
121
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.0.0
2
url pkg:composer/typo3/cms@8.7.38
purl pkg:composer/typo3/cms@8.7.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.38
3
url pkg:composer/typo3/cms@9.5.23
purl pkg:composer/typo3/cms@9.5.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-5paq-5frf-43ed
2
vulnerability VCID-6a9t-8dmn-s3bv
3
vulnerability VCID-bajy-qbwq-fufn
4
vulnerability VCID-d8d1-sat6-muhe
5
vulnerability VCID-dsu7-jjjq-f3e1
6
vulnerability VCID-ekfd-wp8z-d7e1
7
vulnerability VCID-he5m-6wj4-rbhc
8
vulnerability VCID-mnz3-rj21-67ad
9
vulnerability VCID-n15v-ta9h-6ffb
10
vulnerability VCID-s64f-x81f-b7ce
11
vulnerability VCID-t1n7-eswt-73gw
12
vulnerability VCID-t3jn-vwbx-u7cr
13
vulnerability VCID-ve7g-8st5-wffb
14
vulnerability VCID-vyvy-y3cw-hbgr
15
vulnerability VCID-xh7y-56vy-5ud8
16
vulnerability VCID-y32z-2d3f-gkgw
17
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.23
4
url pkg:composer/typo3/cms@10.4.10
purl pkg:composer/typo3/cms@10.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-4jpa-6fqh-hbfg
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6a9t-8dmn-s3bv
5
vulnerability VCID-8sdd-b1bn-cuhx
6
vulnerability VCID-a89c-jvwa-6kh5
7
vulnerability VCID-av8u-rvzq-4fc7
8
vulnerability VCID-bajy-qbwq-fufn
9
vulnerability VCID-d8d1-sat6-muhe
10
vulnerability VCID-dhrm-uxuv-zfaj
11
vulnerability VCID-dsu7-jjjq-f3e1
12
vulnerability VCID-e32h-8q61-hbgc
13
vulnerability VCID-ekfd-wp8z-d7e1
14
vulnerability VCID-he5m-6wj4-rbhc
15
vulnerability VCID-mnz3-rj21-67ad
16
vulnerability VCID-n15v-ta9h-6ffb
17
vulnerability VCID-remd-55jh-r3g5
18
vulnerability VCID-s55j-8hbt-akhn
19
vulnerability VCID-s64f-x81f-b7ce
20
vulnerability VCID-t1n7-eswt-73gw
21
vulnerability VCID-t3jn-vwbx-u7cr
22
vulnerability VCID-ve7g-8st5-wffb
23
vulnerability VCID-vwb2-a84s-5qak
24
vulnerability VCID-vyvy-y3cw-hbgr
25
vulnerability VCID-w13x-3rp9-wyej
26
vulnerability VCID-xh7y-56vy-5ud8
27
vulnerability VCID-y32z-2d3f-gkgw
28
vulnerability VCID-yj9g-uz1a-jkf2
29
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.10
aliases CVE-2020-26227, GHSA-vqqx-jw6p-q3rf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f963-qur3-2qb7
3
url VCID-gcnj-6qb6-pbgz
vulnerability_id VCID-gcnj-6qb6-pbgz
summary 
TYPO3 Directory Traversal on ZIP extraction
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59108
published_at 2026-04-21T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.58989
published_at 2026-04-01T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59064
published_at 2026-04-02T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.59087
published_at 2026-04-13T12:55:00Z
4
value 0.00374
scoring_system epss
scoring_elements 0.59051
published_at 2026-04-07T12:55:00Z
5
value 0.00374
scoring_system epss
scoring_elements 0.59102
published_at 2026-04-08T12:55:00Z
6
value 0.00374
scoring_system epss
scoring_elements 0.59106
published_at 2026-04-12T12:55:00Z
7
value 0.00374
scoring_system epss
scoring_elements 0.59125
published_at 2026-04-11T12:55:00Z
8
value 0.00374
scoring_system epss
scoring_elements 0.59124
published_at 2026-04-16T12:55:00Z
9
value 0.00374
scoring_system epss
scoring_elements 0.59128
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
4
reference_url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-024
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
7
reference_url https://github.com/advisories/GHSA-77p4-wfr8-977w
reference_id GHSA-77p4-wfr8-977w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77p4-wfr8-977w
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-5paq-5frf-43ed
2
vulnerability VCID-bajy-qbwq-fufn
3
vulnerability VCID-dsu7-jjjq-f3e1
4
vulnerability VCID-ekfd-wp8z-d7e1
5
vulnerability VCID-f963-qur3-2qb7
6
vulnerability VCID-he5m-6wj4-rbhc
7
vulnerability VCID-mnz3-rj21-67ad
8
vulnerability VCID-n15v-ta9h-6ffb
9
vulnerability VCID-s64f-x81f-b7ce
10
vulnerability VCID-t1n7-eswt-73gw
11
vulnerability VCID-t3jn-vwbx-u7cr
12
vulnerability VCID-vyvy-y3cw-hbgr
13
vulnerability VCID-xh7y-56vy-5ud8
14
vulnerability VCID-y32z-2d3f-gkgw
15
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2mn6-mdmz-4yd9
1
vulnerability VCID-543x-cnbz-1kb9
2
vulnerability VCID-58js-jzm4-4fc7
3
vulnerability VCID-5jgb-dsyx-hyb4
4
vulnerability VCID-5kzs-ex81-bbaj
5
vulnerability VCID-5paq-5frf-43ed
6
vulnerability VCID-6a9t-8dmn-s3bv
7
vulnerability VCID-7kjw-j8st-mqfr
8
vulnerability VCID-a49c-fqrj-nbb3
9
vulnerability VCID-bajy-qbwq-fufn
10
vulnerability VCID-d8d1-sat6-muhe
11
vulnerability VCID-dsu7-jjjq-f3e1
12
vulnerability VCID-ekfd-wp8z-d7e1
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-he5m-6wj4-rbhc
15
vulnerability VCID-mnz3-rj21-67ad
16
vulnerability VCID-n15v-ta9h-6ffb
17
vulnerability VCID-phgh-sd4m-zbdx
18
vulnerability VCID-s64f-x81f-b7ce
19
vulnerability VCID-sw7v-fbjk-13hy
20
vulnerability VCID-t1n7-eswt-73gw
21
vulnerability VCID-t3jn-vwbx-u7cr
22
vulnerability VCID-ve7g-8st5-wffb
23
vulnerability VCID-vyvy-y3cw-hbgr
24
vulnerability VCID-xh7y-56vy-5ud8
25
vulnerability VCID-y32z-2d3f-gkgw
26
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-2mn6-mdmz-4yd9
2
vulnerability VCID-4jpa-6fqh-hbfg
3
vulnerability VCID-543x-cnbz-1kb9
4
vulnerability VCID-58js-jzm4-4fc7
5
vulnerability VCID-5jgb-dsyx-hyb4
6
vulnerability VCID-5kzs-ex81-bbaj
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6a9t-8dmn-s3bv
9
vulnerability VCID-7kjw-j8st-mqfr
10
vulnerability VCID-8sdd-b1bn-cuhx
11
vulnerability VCID-a49c-fqrj-nbb3
12
vulnerability VCID-a89c-jvwa-6kh5
13
vulnerability VCID-av8u-rvzq-4fc7
14
vulnerability VCID-bajy-qbwq-fufn
15
vulnerability VCID-cdjv-fp71-y3dv
16
vulnerability VCID-d8d1-sat6-muhe
17
vulnerability VCID-dhrm-uxuv-zfaj
18
vulnerability VCID-dsu7-jjjq-f3e1
19
vulnerability VCID-e32h-8q61-hbgc
20
vulnerability VCID-ekfd-wp8z-d7e1
21
vulnerability VCID-f963-qur3-2qb7
22
vulnerability VCID-he5m-6wj4-rbhc
23
vulnerability VCID-mnz3-rj21-67ad
24
vulnerability VCID-n15v-ta9h-6ffb
25
vulnerability VCID-phgh-sd4m-zbdx
26
vulnerability VCID-remd-55jh-r3g5
27
vulnerability VCID-s55j-8hbt-akhn
28
vulnerability VCID-s64f-x81f-b7ce
29
vulnerability VCID-sw7v-fbjk-13hy
30
vulnerability VCID-t1n7-eswt-73gw
31
vulnerability VCID-t3jn-vwbx-u7cr
32
vulnerability VCID-usmv-r64u-m7cb
33
vulnerability VCID-ve7g-8st5-wffb
34
vulnerability VCID-vwb2-a84s-5qak
35
vulnerability VCID-vyvy-y3cw-hbgr
36
vulnerability VCID-w13x-3rp9-wyej
37
vulnerability VCID-xh7y-56vy-5ud8
38
vulnerability VCID-y32z-2d3f-gkgw
39
vulnerability VCID-yj9g-uz1a-jkf2
40
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19848, GHSA-77p4-wfr8-977w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcnj-6qb6-pbgz
4
url VCID-hv3n-j8ck-1ufx
vulnerability_id VCID-hv3n-j8ck-1ufx
summary 
TYPO3 Remote Code Execution in third party library swiftmailer
TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code Execution.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://typo3.org/security/advisory/typo3-core-sa-2017-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2017-001
3
reference_url https://github.com/advisories/GHSA-g4pf-3jvq-2gcw
reference_id GHSA-g4pf-3jvq-2gcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g4pf-3jvq-2gcw
fixed_packages
0
url pkg:composer/typo3/cms@6.2.30
purl pkg:composer/typo3/cms@6.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-nwxj-3ajk-rkh5
5
vulnerability VCID-re9h-ze98-rbhu
6
vulnerability VCID-xa4m-xpa9-v7h8
7
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.30
1
url pkg:composer/typo3/cms@7.6.15
purl pkg:composer/typo3/cms@7.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-jqth-wfgx-87cx
19
vulnerability VCID-mnz3-rj21-67ad
20
vulnerability VCID-mqbh-k9n3-nbed
21
vulnerability VCID-mub5-s7h1-57cy
22
vulnerability VCID-n15v-ta9h-6ffb
23
vulnerability VCID-n78p-x7hh-gqcf
24
vulnerability VCID-nt6a-5zkv-pbcm
25
vulnerability VCID-nwxj-3ajk-rkh5
26
vulnerability VCID-pk8d-8u15-5bfq
27
vulnerability VCID-pnfa-cksc-43de
28
vulnerability VCID-rdrs-mhaw-b3ge
29
vulnerability VCID-rzw5-8d1u-sfam
30
vulnerability VCID-sr3p-pdxy-4yhu
31
vulnerability VCID-sxr7-cutf-8kh6
32
vulnerability VCID-t3jn-vwbx-u7cr
33
vulnerability VCID-tmrt-6fxw-5ugh
34
vulnerability VCID-tw1y-t4qj-j3d1
35
vulnerability VCID-vndb-w8e1-4ugv
36
vulnerability VCID-vrt1-aj9v-2kb6
37
vulnerability VCID-wge3-kxdq-f3bz
38
vulnerability VCID-wr5t-xqnn-gkcj
39
vulnerability VCID-wxps-mnue-6bbh
40
vulnerability VCID-xa4m-xpa9-v7h8
41
vulnerability VCID-xqew-bx7v-1qfk
42
vulnerability VCID-y32z-2d3f-gkgw
43
vulnerability VCID-zdq2-dhb2-6kaq
44
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.15
2
url pkg:composer/typo3/cms@8.5.1
purl pkg:composer/typo3/cms@8.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1jp6-qjpr-xfev
2
vulnerability VCID-1kae-ffj3-xyc7
3
vulnerability VCID-28bf-jvah-zkhw
4
vulnerability VCID-2fs8-bscc-3ye2
5
vulnerability VCID-2meq-x4kd-bbdn
6
vulnerability VCID-3gg5-1921-rbfs
7
vulnerability VCID-3n2r-awja-dug9
8
vulnerability VCID-3v4n-fzxa-bfaw
9
vulnerability VCID-4ack-haf2-cfbe
10
vulnerability VCID-4btk-jt5n-2ugf
11
vulnerability VCID-551q-gpyd-ffe8
12
vulnerability VCID-5jgb-dsyx-hyb4
13
vulnerability VCID-5paq-5frf-43ed
14
vulnerability VCID-5qfv-y43v-akdm
15
vulnerability VCID-5yg8-2cbr-d3as
16
vulnerability VCID-6487-15z5-pkd4
17
vulnerability VCID-6b5q-vzs3-pkcc
18
vulnerability VCID-9g62-zd1x-3bdg
19
vulnerability VCID-9gpp-ez8w-rqav
20
vulnerability VCID-9jj4-ec9n-qbhs
21
vulnerability VCID-axaf-45kr-kbfe
22
vulnerability VCID-bajy-qbwq-fufn
23
vulnerability VCID-bnne-7p2q-eqd2
24
vulnerability VCID-bxjw-7426-gyb8
25
vulnerability VCID-byp6-edft-fbhm
26
vulnerability VCID-c2tm-eqmm-1ugt
27
vulnerability VCID-cm14-t8uv-k3es
28
vulnerability VCID-cmka-8484-27bu
29
vulnerability VCID-dbrh-t8zx-nkd9
30
vulnerability VCID-dj88-f3p8-cfbn
31
vulnerability VCID-dm97-51uu-r7gw
32
vulnerability VCID-dquc-7amf-e7cs
33
vulnerability VCID-dsu7-jjjq-f3e1
34
vulnerability VCID-e72u-tpc3-23g3
35
vulnerability VCID-e7sv-4xc2-m3d5
36
vulnerability VCID-eajg-ctpd-2bby
37
vulnerability VCID-ehzg-bzrd-kbcc
38
vulnerability VCID-ekfd-wp8z-d7e1
39
vulnerability VCID-ep6t-zwd1-4bb3
40
vulnerability VCID-euk5-hagy-xqfz
41
vulnerability VCID-fy3g-uegw-2bew
42
vulnerability VCID-gcnj-6qb6-pbgz
43
vulnerability VCID-h63t-9enx-qfdn
44
vulnerability VCID-he5m-6wj4-rbhc
45
vulnerability VCID-hpgq-deze-p7dp
46
vulnerability VCID-j77k-hjgx-5kc5
47
vulnerability VCID-jppe-cbgm-k3cz
48
vulnerability VCID-jqth-wfgx-87cx
49
vulnerability VCID-k4h1-mvnf-1ybx
50
vulnerability VCID-k8af-cg9k-87a9
51
vulnerability VCID-m7w6-b2xu-6uee
52
vulnerability VCID-mnz3-rj21-67ad
53
vulnerability VCID-mqbh-k9n3-nbed
54
vulnerability VCID-mub5-s7h1-57cy
55
vulnerability VCID-n15v-ta9h-6ffb
56
vulnerability VCID-n78p-x7hh-gqcf
57
vulnerability VCID-nt6a-5zkv-pbcm
58
vulnerability VCID-nwxj-3ajk-rkh5
59
vulnerability VCID-pk8d-8u15-5bfq
60
vulnerability VCID-pnfa-cksc-43de
61
vulnerability VCID-px44-19tj-h7aa
62
vulnerability VCID-q8hy-wjd9-nbgp
63
vulnerability VCID-qb4j-9tz7-m7a2
64
vulnerability VCID-rdrs-mhaw-b3ge
65
vulnerability VCID-rzw5-8d1u-sfam
66
vulnerability VCID-s64f-x81f-b7ce
67
vulnerability VCID-shqd-udhm-pff8
68
vulnerability VCID-sr3p-pdxy-4yhu
69
vulnerability VCID-stzu-sxe6-5yf5
70
vulnerability VCID-t1n7-eswt-73gw
71
vulnerability VCID-t3jn-vwbx-u7cr
72
vulnerability VCID-tgma-cyvk-97ay
73
vulnerability VCID-tmrt-6fxw-5ugh
74
vulnerability VCID-tqf5-2fsm-8fch
75
vulnerability VCID-tw1y-t4qj-j3d1
76
vulnerability VCID-uw2r-3gvq-bbcq
77
vulnerability VCID-vndb-w8e1-4ugv
78
vulnerability VCID-vrt1-aj9v-2kb6
79
vulnerability VCID-vxj6-wvyz-zbaq
80
vulnerability VCID-vxry-uvph-kbfd
81
vulnerability VCID-vybh-pxr3-17hn
82
vulnerability VCID-wea9-egep-h7g5
83
vulnerability VCID-wge3-kxdq-f3bz
84
vulnerability VCID-wkm6-cgc8-bfa8
85
vulnerability VCID-wr5t-xqnn-gkcj
86
vulnerability VCID-wxps-mnue-6bbh
87
vulnerability VCID-xa4m-xpa9-v7h8
88
vulnerability VCID-xh7y-56vy-5ud8
89
vulnerability VCID-xqew-bx7v-1qfk
90
vulnerability VCID-y32z-2d3f-gkgw
91
vulnerability VCID-zdq2-dhb2-6kaq
92
vulnerability VCID-zkea-ge1t-z7gn
93
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.1
aliases GHSA-g4pf-3jvq-2gcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv3n-j8ck-1ufx
5
url VCID-nwxj-3ajk-rkh5
vulnerability_id VCID-nwxj-3ajk-rkh5
summary 
Cross-site Scripting
The page module in TYPO3 is vulnerable to XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
reference_id
reference_type
scores
0
value 0.02274
scoring_system epss
scoring_elements 0.84681
published_at 2026-04-21T12:55:00Z
1
value 0.02274
scoring_system epss
scoring_elements 0.84584
published_at 2026-04-01T12:55:00Z
2
value 0.02274
scoring_system epss
scoring_elements 0.84599
published_at 2026-04-02T12:55:00Z
3
value 0.02274
scoring_system epss
scoring_elements 0.84619
published_at 2026-04-04T12:55:00Z
4
value 0.02274
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-07T12:55:00Z
5
value 0.02274
scoring_system epss
scoring_elements 0.84642
published_at 2026-04-08T12:55:00Z
6
value 0.02274
scoring_system epss
scoring_elements 0.84649
published_at 2026-04-09T12:55:00Z
7
value 0.02274
scoring_system epss
scoring_elements 0.84666
published_at 2026-04-11T12:55:00Z
8
value 0.02274
scoring_system epss
scoring_elements 0.84662
published_at 2026-04-12T12:55:00Z
9
value 0.02274
scoring_system epss
scoring_elements 0.84657
published_at 2026-04-13T12:55:00Z
10
value 0.02274
scoring_system epss
scoring_elements 0.84678
published_at 2026-04-16T12:55:00Z
11
value 0.02274
scoring_system epss
scoring_elements 0.84679
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
1
reference_url https://forge.typo3.org/issues/84191
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forge.typo3.org/issues/84191
2
reference_url https://github.com/pradeepjairamani/TYPO3-XSS-POC
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pradeepjairamani/TYPO3-XSS-POC
3
reference_url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
4
reference_url http://www.securitytracker.com/id/1040755
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040755
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
reference_id CVE-2018-6905
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
6
reference_url https://github.com/advisories/GHSA-3w22-wrwx-2r75
reference_id GHSA-3w22-wrwx-2r75
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w22-wrwx-2r75
fixed_packages
0
url pkg:composer/typo3/cms@8.7.11
purl pkg:composer/typo3/cms@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1jp6-qjpr-xfev
2
vulnerability VCID-1kae-ffj3-xyc7
3
vulnerability VCID-28bf-jvah-zkhw
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-6487-15z5-pkd4
15
vulnerability VCID-6b5q-vzs3-pkcc
16
vulnerability VCID-9g62-zd1x-3bdg
17
vulnerability VCID-9gpp-ez8w-rqav
18
vulnerability VCID-9jj4-ec9n-qbhs
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-byp6-edft-fbhm
24
vulnerability VCID-c2tm-eqmm-1ugt
25
vulnerability VCID-cm14-t8uv-k3es
26
vulnerability VCID-cmka-8484-27bu
27
vulnerability VCID-dbrh-t8zx-nkd9
28
vulnerability VCID-dj88-f3p8-cfbn
29
vulnerability VCID-dm97-51uu-r7gw
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-eajg-ctpd-2bby
33
vulnerability VCID-ehzg-bzrd-kbcc
34
vulnerability VCID-ekfd-wp8z-d7e1
35
vulnerability VCID-f963-qur3-2qb7
36
vulnerability VCID-gcnj-6qb6-pbgz
37
vulnerability VCID-he5m-6wj4-rbhc
38
vulnerability VCID-j77k-hjgx-5kc5
39
vulnerability VCID-jppe-cbgm-k3cz
40
vulnerability VCID-k4h1-mvnf-1ybx
41
vulnerability VCID-k8af-cg9k-87a9
42
vulnerability VCID-m7w6-b2xu-6uee
43
vulnerability VCID-mnz3-rj21-67ad
44
vulnerability VCID-n15v-ta9h-6ffb
45
vulnerability VCID-n78p-x7hh-gqcf
46
vulnerability VCID-pk8d-8u15-5bfq
47
vulnerability VCID-px44-19tj-h7aa
48
vulnerability VCID-q8hy-wjd9-nbgp
49
vulnerability VCID-qb4j-9tz7-m7a2
50
vulnerability VCID-rdrs-mhaw-b3ge
51
vulnerability VCID-s64f-x81f-b7ce
52
vulnerability VCID-shqd-udhm-pff8
53
vulnerability VCID-sr3p-pdxy-4yhu
54
vulnerability VCID-stzu-sxe6-5yf5
55
vulnerability VCID-t1n7-eswt-73gw
56
vulnerability VCID-t3jn-vwbx-u7cr
57
vulnerability VCID-tmrt-6fxw-5ugh
58
vulnerability VCID-tqf5-2fsm-8fch
59
vulnerability VCID-tw1y-t4qj-j3d1
60
vulnerability VCID-vndb-w8e1-4ugv
61
vulnerability VCID-vxj6-wvyz-zbaq
62
vulnerability VCID-vxry-uvph-kbfd
63
vulnerability VCID-vybh-pxr3-17hn
64
vulnerability VCID-vyvy-y3cw-hbgr
65
vulnerability VCID-wea9-egep-h7g5
66
vulnerability VCID-wkm6-cgc8-bfa8
67
vulnerability VCID-wr5t-xqnn-gkcj
68
vulnerability VCID-wxps-mnue-6bbh
69
vulnerability VCID-xa4m-xpa9-v7h8
70
vulnerability VCID-xh7y-56vy-5ud8
71
vulnerability VCID-xqew-bx7v-1qfk
72
vulnerability VCID-y32z-2d3f-gkgw
73
vulnerability VCID-zdq2-dhb2-6kaq
74
vulnerability VCID-zkea-ge1t-z7gn
75
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.11
1
url pkg:composer/typo3/cms@9.1.0
purl pkg:composer/typo3/cms@9.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1jp6-qjpr-xfev
2
vulnerability VCID-1kae-ffj3-xyc7
3
vulnerability VCID-28bf-jvah-zkhw
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-2mn6-mdmz-4yd9
6
vulnerability VCID-3gg5-1921-rbfs
7
vulnerability VCID-3n2r-awja-dug9
8
vulnerability VCID-3v4n-fzxa-bfaw
9
vulnerability VCID-4ack-haf2-cfbe
10
vulnerability VCID-4btk-jt5n-2ugf
11
vulnerability VCID-4mkw-tv16-jyca
12
vulnerability VCID-543x-cnbz-1kb9
13
vulnerability VCID-551q-gpyd-ffe8
14
vulnerability VCID-58js-jzm4-4fc7
15
vulnerability VCID-5jgb-dsyx-hyb4
16
vulnerability VCID-5kzs-ex81-bbaj
17
vulnerability VCID-5paq-5frf-43ed
18
vulnerability VCID-6487-15z5-pkd4
19
vulnerability VCID-6a9t-8dmn-s3bv
20
vulnerability VCID-6b5q-vzs3-pkcc
21
vulnerability VCID-9g62-zd1x-3bdg
22
vulnerability VCID-9gpp-ez8w-rqav
23
vulnerability VCID-9jj4-ec9n-qbhs
24
vulnerability VCID-a49c-fqrj-nbb3
25
vulnerability VCID-anfj-pmkg-skhe
26
vulnerability VCID-axaf-45kr-kbfe
27
vulnerability VCID-bajy-qbwq-fufn
28
vulnerability VCID-bnne-7p2q-eqd2
29
vulnerability VCID-bxjw-7426-gyb8
30
vulnerability VCID-byp6-edft-fbhm
31
vulnerability VCID-c2tm-eqmm-1ugt
32
vulnerability VCID-cm14-t8uv-k3es
33
vulnerability VCID-cmka-8484-27bu
34
vulnerability VCID-d8d1-sat6-muhe
35
vulnerability VCID-dbrh-t8zx-nkd9
36
vulnerability VCID-dcy2-efyc-6qgq
37
vulnerability VCID-dj88-f3p8-cfbn
38
vulnerability VCID-dm97-51uu-r7gw
39
vulnerability VCID-dsu7-jjjq-f3e1
40
vulnerability VCID-e72u-tpc3-23g3
41
vulnerability VCID-eajg-ctpd-2bby
42
vulnerability VCID-ekfd-wp8z-d7e1
43
vulnerability VCID-f963-qur3-2qb7
44
vulnerability VCID-gcnj-6qb6-pbgz
45
vulnerability VCID-he5m-6wj4-rbhc
46
vulnerability VCID-jppe-cbgm-k3cz
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-kc67-7kf7-s3d7
50
vulnerability VCID-kj9x-psfz-2ug1
51
vulnerability VCID-m7w6-b2xu-6uee
52
vulnerability VCID-mnz3-rj21-67ad
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-p715-yexd-jfgc
56
vulnerability VCID-phgh-sd4m-zbdx
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-px44-19tj-h7aa
59
vulnerability VCID-q8hy-wjd9-nbgp
60
vulnerability VCID-qb4j-9tz7-m7a2
61
vulnerability VCID-raxk-rm9v-hubn
62
vulnerability VCID-rdrs-mhaw-b3ge
63
vulnerability VCID-s64f-x81f-b7ce
64
vulnerability VCID-shqd-udhm-pff8
65
vulnerability VCID-sr3p-pdxy-4yhu
66
vulnerability VCID-stzu-sxe6-5yf5
67
vulnerability VCID-sw7v-fbjk-13hy
68
vulnerability VCID-t1n7-eswt-73gw
69
vulnerability VCID-t3jn-vwbx-u7cr
70
vulnerability VCID-tmrt-6fxw-5ugh
71
vulnerability VCID-tqf5-2fsm-8fch
72
vulnerability VCID-tw1y-t4qj-j3d1
73
vulnerability VCID-u9bx-8e86-wbew
74
vulnerability VCID-ve7g-8st5-wffb
75
vulnerability VCID-vndb-w8e1-4ugv
76
vulnerability VCID-vxj6-wvyz-zbaq
77
vulnerability VCID-vxry-uvph-kbfd
78
vulnerability VCID-vybh-pxr3-17hn
79
vulnerability VCID-vyvy-y3cw-hbgr
80
vulnerability VCID-wea9-egep-h7g5
81
vulnerability VCID-wkm6-cgc8-bfa8
82
vulnerability VCID-wr5t-xqnn-gkcj
83
vulnerability VCID-wxps-mnue-6bbh
84
vulnerability VCID-xa4m-xpa9-v7h8
85
vulnerability VCID-xh7y-56vy-5ud8
86
vulnerability VCID-xtdg-uj46-rkcm
87
vulnerability VCID-xwc2-z7hx-4qa7
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.1.0
2
url pkg:composer/typo3/cms@9.2.0
purl pkg:composer/typo3/cms@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1jp6-qjpr-xfev
2
vulnerability VCID-1kae-ffj3-xyc7
3
vulnerability VCID-28bf-jvah-zkhw
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-2mn6-mdmz-4yd9
6
vulnerability VCID-3gg5-1921-rbfs
7
vulnerability VCID-3n2r-awja-dug9
8
vulnerability VCID-3v4n-fzxa-bfaw
9
vulnerability VCID-4ack-haf2-cfbe
10
vulnerability VCID-4btk-jt5n-2ugf
11
vulnerability VCID-4mkw-tv16-jyca
12
vulnerability VCID-543x-cnbz-1kb9
13
vulnerability VCID-551q-gpyd-ffe8
14
vulnerability VCID-58js-jzm4-4fc7
15
vulnerability VCID-5jgb-dsyx-hyb4
16
vulnerability VCID-5kzs-ex81-bbaj
17
vulnerability VCID-5paq-5frf-43ed
18
vulnerability VCID-6487-15z5-pkd4
19
vulnerability VCID-6a9t-8dmn-s3bv
20
vulnerability VCID-6b5q-vzs3-pkcc
21
vulnerability VCID-9g62-zd1x-3bdg
22
vulnerability VCID-9gpp-ez8w-rqav
23
vulnerability VCID-9jj4-ec9n-qbhs
24
vulnerability VCID-a49c-fqrj-nbb3
25
vulnerability VCID-anfj-pmkg-skhe
26
vulnerability VCID-axaf-45kr-kbfe
27
vulnerability VCID-bajy-qbwq-fufn
28
vulnerability VCID-bnne-7p2q-eqd2
29
vulnerability VCID-bxjw-7426-gyb8
30
vulnerability VCID-byp6-edft-fbhm
31
vulnerability VCID-c2tm-eqmm-1ugt
32
vulnerability VCID-cm14-t8uv-k3es
33
vulnerability VCID-cmka-8484-27bu
34
vulnerability VCID-d8d1-sat6-muhe
35
vulnerability VCID-dbrh-t8zx-nkd9
36
vulnerability VCID-dcy2-efyc-6qgq
37
vulnerability VCID-dj88-f3p8-cfbn
38
vulnerability VCID-dm97-51uu-r7gw
39
vulnerability VCID-dsu7-jjjq-f3e1
40
vulnerability VCID-e72u-tpc3-23g3
41
vulnerability VCID-eajg-ctpd-2bby
42
vulnerability VCID-ekfd-wp8z-d7e1
43
vulnerability VCID-f963-qur3-2qb7
44
vulnerability VCID-gcnj-6qb6-pbgz
45
vulnerability VCID-he5m-6wj4-rbhc
46
vulnerability VCID-jppe-cbgm-k3cz
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-kc67-7kf7-s3d7
50
vulnerability VCID-kj9x-psfz-2ug1
51
vulnerability VCID-m7w6-b2xu-6uee
52
vulnerability VCID-mnz3-rj21-67ad
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-p715-yexd-jfgc
56
vulnerability VCID-phgh-sd4m-zbdx
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-px44-19tj-h7aa
59
vulnerability VCID-q8hy-wjd9-nbgp
60
vulnerability VCID-qb4j-9tz7-m7a2
61
vulnerability VCID-raxk-rm9v-hubn
62
vulnerability VCID-rdrs-mhaw-b3ge
63
vulnerability VCID-s64f-x81f-b7ce
64
vulnerability VCID-shqd-udhm-pff8
65
vulnerability VCID-sr3p-pdxy-4yhu
66
vulnerability VCID-stzu-sxe6-5yf5
67
vulnerability VCID-sw7v-fbjk-13hy
68
vulnerability VCID-t1n7-eswt-73gw
69
vulnerability VCID-t3jn-vwbx-u7cr
70
vulnerability VCID-tmrt-6fxw-5ugh
71
vulnerability VCID-tqf5-2fsm-8fch
72
vulnerability VCID-tw1y-t4qj-j3d1
73
vulnerability VCID-u9bx-8e86-wbew
74
vulnerability VCID-ve7g-8st5-wffb
75
vulnerability VCID-vndb-w8e1-4ugv
76
vulnerability VCID-vxj6-wvyz-zbaq
77
vulnerability VCID-vxry-uvph-kbfd
78
vulnerability VCID-vybh-pxr3-17hn
79
vulnerability VCID-vyvy-y3cw-hbgr
80
vulnerability VCID-wea9-egep-h7g5
81
vulnerability VCID-wkm6-cgc8-bfa8
82
vulnerability VCID-wr5t-xqnn-gkcj
83
vulnerability VCID-wxps-mnue-6bbh
84
vulnerability VCID-xa4m-xpa9-v7h8
85
vulnerability VCID-xh7y-56vy-5ud8
86
vulnerability VCID-xtdg-uj46-rkcm
87
vulnerability VCID-xwc2-z7hx-4qa7
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.2.0
aliases CVE-2018-6905, GHSA-3w22-wrwx-2r75
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nwxj-3ajk-rkh5
6
url VCID-q9ak-qcq6-qfhy
vulnerability_id VCID-q9ak-qcq6-qfhy
summary 
Code Injection
Remote Code Execution in third party library swiftmailer.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/
fixed_packages
0
url pkg:composer/typo3/cms@6.2.30
purl pkg:composer/typo3/cms@6.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-nwxj-3ajk-rkh5
5
vulnerability VCID-re9h-ze98-rbhu
6
vulnerability VCID-xa4m-xpa9-v7h8
7
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.30
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.15
purl pkg:composer/typo3/cms@7.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-jqth-wfgx-87cx
19
vulnerability VCID-mnz3-rj21-67ad
20
vulnerability VCID-mqbh-k9n3-nbed
21
vulnerability VCID-mub5-s7h1-57cy
22
vulnerability VCID-n15v-ta9h-6ffb
23
vulnerability VCID-n78p-x7hh-gqcf
24
vulnerability VCID-nt6a-5zkv-pbcm
25
vulnerability VCID-nwxj-3ajk-rkh5
26
vulnerability VCID-pk8d-8u15-5bfq
27
vulnerability VCID-pnfa-cksc-43de
28
vulnerability VCID-rdrs-mhaw-b3ge
29
vulnerability VCID-rzw5-8d1u-sfam
30
vulnerability VCID-sr3p-pdxy-4yhu
31
vulnerability VCID-sxr7-cutf-8kh6
32
vulnerability VCID-t3jn-vwbx-u7cr
33
vulnerability VCID-tmrt-6fxw-5ugh
34
vulnerability VCID-tw1y-t4qj-j3d1
35
vulnerability VCID-vndb-w8e1-4ugv
36
vulnerability VCID-vrt1-aj9v-2kb6
37
vulnerability VCID-wge3-kxdq-f3bz
38
vulnerability VCID-wr5t-xqnn-gkcj
39
vulnerability VCID-wxps-mnue-6bbh
40
vulnerability VCID-xa4m-xpa9-v7h8
41
vulnerability VCID-xqew-bx7v-1qfk
42
vulnerability VCID-y32z-2d3f-gkgw
43
vulnerability VCID-zdq2-dhb2-6kaq
44
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.15
3
url pkg:composer/typo3/cms@8.5.0
purl pkg:composer/typo3/cms@8.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1jp6-qjpr-xfev
2
vulnerability VCID-1kae-ffj3-xyc7
3
vulnerability VCID-28bf-jvah-zkhw
4
vulnerability VCID-2fs8-bscc-3ye2
5
vulnerability VCID-2meq-x4kd-bbdn
6
vulnerability VCID-3gg5-1921-rbfs
7
vulnerability VCID-3n2r-awja-dug9
8
vulnerability VCID-3v4n-fzxa-bfaw
9
vulnerability VCID-4ack-haf2-cfbe
10
vulnerability VCID-4btk-jt5n-2ugf
11
vulnerability VCID-551q-gpyd-ffe8
12
vulnerability VCID-5jgb-dsyx-hyb4
13
vulnerability VCID-5paq-5frf-43ed
14
vulnerability VCID-5qfv-y43v-akdm
15
vulnerability VCID-5yg8-2cbr-d3as
16
vulnerability VCID-6487-15z5-pkd4
17
vulnerability VCID-6b5q-vzs3-pkcc
18
vulnerability VCID-9g62-zd1x-3bdg
19
vulnerability VCID-9gpp-ez8w-rqav
20
vulnerability VCID-9jj4-ec9n-qbhs
21
vulnerability VCID-axaf-45kr-kbfe
22
vulnerability VCID-bajy-qbwq-fufn
23
vulnerability VCID-bnne-7p2q-eqd2
24
vulnerability VCID-bxjw-7426-gyb8
25
vulnerability VCID-byp6-edft-fbhm
26
vulnerability VCID-c2tm-eqmm-1ugt
27
vulnerability VCID-cm14-t8uv-k3es
28
vulnerability VCID-cmka-8484-27bu
29
vulnerability VCID-dbrh-t8zx-nkd9
30
vulnerability VCID-dj88-f3p8-cfbn
31
vulnerability VCID-dm97-51uu-r7gw
32
vulnerability VCID-dquc-7amf-e7cs
33
vulnerability VCID-dsu7-jjjq-f3e1
34
vulnerability VCID-e72u-tpc3-23g3
35
vulnerability VCID-e7sv-4xc2-m3d5
36
vulnerability VCID-eajg-ctpd-2bby
37
vulnerability VCID-ehzg-bzrd-kbcc
38
vulnerability VCID-ekfd-wp8z-d7e1
39
vulnerability VCID-ep6t-zwd1-4bb3
40
vulnerability VCID-euk5-hagy-xqfz
41
vulnerability VCID-fy3g-uegw-2bew
42
vulnerability VCID-gcnj-6qb6-pbgz
43
vulnerability VCID-h63t-9enx-qfdn
44
vulnerability VCID-he5m-6wj4-rbhc
45
vulnerability VCID-hpgq-deze-p7dp
46
vulnerability VCID-hv3n-j8ck-1ufx
47
vulnerability VCID-j77k-hjgx-5kc5
48
vulnerability VCID-jppe-cbgm-k3cz
49
vulnerability VCID-jqth-wfgx-87cx
50
vulnerability VCID-k4h1-mvnf-1ybx
51
vulnerability VCID-k8af-cg9k-87a9
52
vulnerability VCID-m7w6-b2xu-6uee
53
vulnerability VCID-mnz3-rj21-67ad
54
vulnerability VCID-mqbh-k9n3-nbed
55
vulnerability VCID-mub5-s7h1-57cy
56
vulnerability VCID-n15v-ta9h-6ffb
57
vulnerability VCID-n78p-x7hh-gqcf
58
vulnerability VCID-nt6a-5zkv-pbcm
59
vulnerability VCID-nwxj-3ajk-rkh5
60
vulnerability VCID-pk8d-8u15-5bfq
61
vulnerability VCID-pnfa-cksc-43de
62
vulnerability VCID-px44-19tj-h7aa
63
vulnerability VCID-q8hy-wjd9-nbgp
64
vulnerability VCID-qb4j-9tz7-m7a2
65
vulnerability VCID-rdrs-mhaw-b3ge
66
vulnerability VCID-rzw5-8d1u-sfam
67
vulnerability VCID-s64f-x81f-b7ce
68
vulnerability VCID-shqd-udhm-pff8
69
vulnerability VCID-sr3p-pdxy-4yhu
70
vulnerability VCID-stzu-sxe6-5yf5
71
vulnerability VCID-t1n7-eswt-73gw
72
vulnerability VCID-t3jn-vwbx-u7cr
73
vulnerability VCID-tgma-cyvk-97ay
74
vulnerability VCID-tmrt-6fxw-5ugh
75
vulnerability VCID-tqf5-2fsm-8fch
76
vulnerability VCID-tw1y-t4qj-j3d1
77
vulnerability VCID-uw2r-3gvq-bbcq
78
vulnerability VCID-vndb-w8e1-4ugv
79
vulnerability VCID-vrt1-aj9v-2kb6
80
vulnerability VCID-vxj6-wvyz-zbaq
81
vulnerability VCID-vxry-uvph-kbfd
82
vulnerability VCID-vybh-pxr3-17hn
83
vulnerability VCID-wea9-egep-h7g5
84
vulnerability VCID-wge3-kxdq-f3bz
85
vulnerability VCID-wkm6-cgc8-bfa8
86
vulnerability VCID-wr5t-xqnn-gkcj
87
vulnerability VCID-wxps-mnue-6bbh
88
vulnerability VCID-xa4m-xpa9-v7h8
89
vulnerability VCID-xh7y-56vy-5ud8
90
vulnerability VCID-xqew-bx7v-1qfk
91
vulnerability VCID-y32z-2d3f-gkgw
92
vulnerability VCID-zdq2-dhb2-6kaq
93
vulnerability VCID-zkea-ge1t-z7gn
94
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.0
aliases 2017-01-03-1
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q9ak-qcq6-qfhy
7
url VCID-re9h-ze98-rbhu
vulnerability_id VCID-re9h-ze98-rbhu
summary 
Typo3 Cross-Site Scripting in Flash component (ELTS)
TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 included a vulnerable external component, which could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
reference_id
reference_type
scores
0
value 0.20517
scoring_system epss
scoring_elements 0.95573
published_at 2026-04-21T12:55:00Z
1
value 0.20517
scoring_system epss
scoring_elements 0.95524
published_at 2026-04-01T12:55:00Z
2
value 0.20517
scoring_system epss
scoring_elements 0.95532
published_at 2026-04-02T12:55:00Z
3
value 0.20517
scoring_system epss
scoring_elements 0.95538
published_at 2026-04-04T12:55:00Z
4
value 0.20517
scoring_system epss
scoring_elements 0.95542
published_at 2026-04-07T12:55:00Z
5
value 0.20517
scoring_system epss
scoring_elements 0.95549
published_at 2026-04-08T12:55:00Z
6
value 0.20517
scoring_system epss
scoring_elements 0.95552
published_at 2026-04-09T12:55:00Z
7
value 0.20517
scoring_system epss
scoring_elements 0.95556
published_at 2026-04-11T12:55:00Z
8
value 0.20517
scoring_system epss
scoring_elements 0.95557
published_at 2026-04-12T12:55:00Z
9
value 0.20517
scoring_system epss
scoring_elements 0.95559
published_at 2026-04-13T12:55:00Z
10
value 0.20517
scoring_system epss
scoring_elements 0.95567
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
3
reference_url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
5
reference_url https://typo3.org/security/advisory/typo3-psa-2019-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-psa-2019-003
6
reference_url https://typo3.org/security/advisory/typo3-psa-2019-003/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-psa-2019-003/
7
reference_url https://www.purplemet.com/blog/typo3-xss-vulnerability
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.purplemet.com/blog/typo3-xss-vulnerability
8
reference_url https://github.com/advisories/GHSA-qvhv-pwww-53jj
reference_id GHSA-qvhv-pwww-53jj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qvhv-pwww-53jj
fixed_packages
0
url pkg:composer/typo3/cms@6.2.39
purl pkg:composer/typo3/cms@6.2.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.39
1
url pkg:composer/typo3/cms@7.2.0
purl pkg:composer/typo3/cms@7.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-b5ht-z6zp-pbht
14
vulnerability VCID-bajy-qbwq-fufn
15
vulnerability VCID-bnne-7p2q-eqd2
16
vulnerability VCID-buax-rz7x-r7c2
17
vulnerability VCID-bxjw-7426-gyb8
18
vulnerability VCID-cczn-x8q7-k7ba
19
vulnerability VCID-cjgc-q6p5-2ydc
20
vulnerability VCID-ck23-cxn6-bbf3
21
vulnerability VCID-dbrh-t8zx-nkd9
22
vulnerability VCID-dm97-51uu-r7gw
23
vulnerability VCID-dsu7-jjjq-f3e1
24
vulnerability VCID-ehzg-bzrd-kbcc
25
vulnerability VCID-f4pm-9tq5-q3ch
26
vulnerability VCID-gcnj-6qb6-pbgz
27
vulnerability VCID-h958-d3pm-kfcs
28
vulnerability VCID-jmu3-5k7e-x7ch
29
vulnerability VCID-jqx9-41zx-dbcy
30
vulnerability VCID-kgcq-paqm-9ya6
31
vulnerability VCID-kpze-14jy-xud9
32
vulnerability VCID-kqbk-4q4z-nkec
33
vulnerability VCID-mnz3-rj21-67ad
34
vulnerability VCID-n15v-ta9h-6ffb
35
vulnerability VCID-n78p-x7hh-gqcf
36
vulnerability VCID-ne8w-dpjw-7qf1
37
vulnerability VCID-nwxj-3ajk-rkh5
38
vulnerability VCID-pgzu-kxuj-j3fh
39
vulnerability VCID-pk8d-8u15-5bfq
40
vulnerability VCID-q6dx-uskc-y3hs
41
vulnerability VCID-qemc-8kj8-r3cd
42
vulnerability VCID-rdrs-mhaw-b3ge
43
vulnerability VCID-rwgf-2pfh-ufdz
44
vulnerability VCID-se8w-fv8x-tqde
45
vulnerability VCID-sr3p-pdxy-4yhu
46
vulnerability VCID-t3jn-vwbx-u7cr
47
vulnerability VCID-tmrt-6fxw-5ugh
48
vulnerability VCID-tw1y-t4qj-j3d1
49
vulnerability VCID-vndb-w8e1-4ugv
50
vulnerability VCID-wr5t-xqnn-gkcj
51
vulnerability VCID-ww44-zmx7-47ft
52
vulnerability VCID-wxps-mnue-6bbh
53
vulnerability VCID-xa4m-xpa9-v7h8
54
vulnerability VCID-xhq3-ts9t-sbdy
55
vulnerability VCID-xkpp-psz2-2kag
56
vulnerability VCID-xqew-bx7v-1qfk
57
vulnerability VCID-y32z-2d3f-gkgw
58
vulnerability VCID-zdq2-dhb2-6kaq
59
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.2.0
aliases CVE-2020-8091, GHSA-qvhv-pwww-53jj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re9h-ze98-rbhu
8
url VCID-xa4m-xpa9-v7h8
vulnerability_id VCID-xa4m-xpa9-v7h8
summary 
TYPO3 Insecure Deserialization in Query Generator & Query View
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel (Backend Module: DB Check) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension ext:sys_action installed, with a valid backend user who has limited privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
reference_id
reference_type
scores
0
value 0.00746
scoring_system epss
scoring_elements 0.73104
published_at 2026-04-21T12:55:00Z
1
value 0.00746
scoring_system epss
scoring_elements 0.73005
published_at 2026-04-01T12:55:00Z
2
value 0.00746
scoring_system epss
scoring_elements 0.73015
published_at 2026-04-02T12:55:00Z
3
value 0.00746
scoring_system epss
scoring_elements 0.73036
published_at 2026-04-04T12:55:00Z
4
value 0.00746
scoring_system epss
scoring_elements 0.73011
published_at 2026-04-07T12:55:00Z
5
value 0.00746
scoring_system epss
scoring_elements 0.73048
published_at 2026-04-08T12:55:00Z
6
value 0.00746
scoring_system epss
scoring_elements 0.73061
published_at 2026-04-09T12:55:00Z
7
value 0.00746
scoring_system epss
scoring_elements 0.73085
published_at 2026-04-11T12:55:00Z
8
value 0.00746
scoring_system epss
scoring_elements 0.73065
published_at 2026-04-12T12:55:00Z
9
value 0.00746
scoring_system epss
scoring_elements 0.73058
published_at 2026-04-13T12:55:00Z
10
value 0.00746
scoring_system epss
scoring_elements 0.73101
published_at 2026-04-16T12:55:00Z
11
value 0.00746
scoring_system epss
scoring_elements 0.73111
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
4
reference_url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-026
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
7
reference_url https://github.com/advisories/GHSA-rcgc-4xfc-564v
reference_id GHSA-rcgc-4xfc-564v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rcgc-4xfc-564v
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-5paq-5frf-43ed
2
vulnerability VCID-bajy-qbwq-fufn
3
vulnerability VCID-dsu7-jjjq-f3e1
4
vulnerability VCID-ekfd-wp8z-d7e1
5
vulnerability VCID-f963-qur3-2qb7
6
vulnerability VCID-he5m-6wj4-rbhc
7
vulnerability VCID-mnz3-rj21-67ad
8
vulnerability VCID-n15v-ta9h-6ffb
9
vulnerability VCID-s64f-x81f-b7ce
10
vulnerability VCID-t1n7-eswt-73gw
11
vulnerability VCID-t3jn-vwbx-u7cr
12
vulnerability VCID-vyvy-y3cw-hbgr
13
vulnerability VCID-xh7y-56vy-5ud8
14
vulnerability VCID-y32z-2d3f-gkgw
15
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2mn6-mdmz-4yd9
1
vulnerability VCID-543x-cnbz-1kb9
2
vulnerability VCID-58js-jzm4-4fc7
3
vulnerability VCID-5jgb-dsyx-hyb4
4
vulnerability VCID-5kzs-ex81-bbaj
5
vulnerability VCID-5paq-5frf-43ed
6
vulnerability VCID-6a9t-8dmn-s3bv
7
vulnerability VCID-7kjw-j8st-mqfr
8
vulnerability VCID-a49c-fqrj-nbb3
9
vulnerability VCID-bajy-qbwq-fufn
10
vulnerability VCID-d8d1-sat6-muhe
11
vulnerability VCID-dsu7-jjjq-f3e1
12
vulnerability VCID-ekfd-wp8z-d7e1
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-he5m-6wj4-rbhc
15
vulnerability VCID-mnz3-rj21-67ad
16
vulnerability VCID-n15v-ta9h-6ffb
17
vulnerability VCID-phgh-sd4m-zbdx
18
vulnerability VCID-s64f-x81f-b7ce
19
vulnerability VCID-sw7v-fbjk-13hy
20
vulnerability VCID-t1n7-eswt-73gw
21
vulnerability VCID-t3jn-vwbx-u7cr
22
vulnerability VCID-ve7g-8st5-wffb
23
vulnerability VCID-vyvy-y3cw-hbgr
24
vulnerability VCID-xh7y-56vy-5ud8
25
vulnerability VCID-y32z-2d3f-gkgw
26
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.1
purl pkg:composer/typo3/cms@10.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-2mn6-mdmz-4yd9
2
vulnerability VCID-4jpa-6fqh-hbfg
3
vulnerability VCID-543x-cnbz-1kb9
4
vulnerability VCID-58js-jzm4-4fc7
5
vulnerability VCID-5jgb-dsyx-hyb4
6
vulnerability VCID-5kzs-ex81-bbaj
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6a9t-8dmn-s3bv
9
vulnerability VCID-7kjw-j8st-mqfr
10
vulnerability VCID-8sdd-b1bn-cuhx
11
vulnerability VCID-a49c-fqrj-nbb3
12
vulnerability VCID-a89c-jvwa-6kh5
13
vulnerability VCID-av8u-rvzq-4fc7
14
vulnerability VCID-bajy-qbwq-fufn
15
vulnerability VCID-cdjv-fp71-y3dv
16
vulnerability VCID-d8d1-sat6-muhe
17
vulnerability VCID-dhrm-uxuv-zfaj
18
vulnerability VCID-dsu7-jjjq-f3e1
19
vulnerability VCID-e32h-8q61-hbgc
20
vulnerability VCID-ekfd-wp8z-d7e1
21
vulnerability VCID-f963-qur3-2qb7
22
vulnerability VCID-he5m-6wj4-rbhc
23
vulnerability VCID-mnz3-rj21-67ad
24
vulnerability VCID-n15v-ta9h-6ffb
25
vulnerability VCID-phgh-sd4m-zbdx
26
vulnerability VCID-remd-55jh-r3g5
27
vulnerability VCID-s55j-8hbt-akhn
28
vulnerability VCID-s64f-x81f-b7ce
29
vulnerability VCID-sw7v-fbjk-13hy
30
vulnerability VCID-t1n7-eswt-73gw
31
vulnerability VCID-t3jn-vwbx-u7cr
32
vulnerability VCID-usmv-r64u-m7cb
33
vulnerability VCID-ve7g-8st5-wffb
34
vulnerability VCID-vwb2-a84s-5qak
35
vulnerability VCID-vyvy-y3cw-hbgr
36
vulnerability VCID-w13x-3rp9-wyej
37
vulnerability VCID-xh7y-56vy-5ud8
38
vulnerability VCID-y32z-2d3f-gkgw
39
vulnerability VCID-yj9g-uz1a-jkf2
40
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1
3
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1yxw-saf5-wue7
1
vulnerability VCID-2mn6-mdmz-4yd9
2
vulnerability VCID-4jpa-6fqh-hbfg
3
vulnerability VCID-543x-cnbz-1kb9
4
vulnerability VCID-58js-jzm4-4fc7
5
vulnerability VCID-5jgb-dsyx-hyb4
6
vulnerability VCID-5kzs-ex81-bbaj
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6a9t-8dmn-s3bv
9
vulnerability VCID-7kjw-j8st-mqfr
10
vulnerability VCID-8sdd-b1bn-cuhx
11
vulnerability VCID-a49c-fqrj-nbb3
12
vulnerability VCID-a89c-jvwa-6kh5
13
vulnerability VCID-av8u-rvzq-4fc7
14
vulnerability VCID-bajy-qbwq-fufn
15
vulnerability VCID-cdjv-fp71-y3dv
16
vulnerability VCID-d8d1-sat6-muhe
17
vulnerability VCID-dhrm-uxuv-zfaj
18
vulnerability VCID-dsu7-jjjq-f3e1
19
vulnerability VCID-e32h-8q61-hbgc
20
vulnerability VCID-ekfd-wp8z-d7e1
21
vulnerability VCID-f963-qur3-2qb7
22
vulnerability VCID-he5m-6wj4-rbhc
23
vulnerability VCID-mnz3-rj21-67ad
24
vulnerability VCID-n15v-ta9h-6ffb
25
vulnerability VCID-phgh-sd4m-zbdx
26
vulnerability VCID-remd-55jh-r3g5
27
vulnerability VCID-s55j-8hbt-akhn
28
vulnerability VCID-s64f-x81f-b7ce
29
vulnerability VCID-sw7v-fbjk-13hy
30
vulnerability VCID-t1n7-eswt-73gw
31
vulnerability VCID-t3jn-vwbx-u7cr
32
vulnerability VCID-usmv-r64u-m7cb
33
vulnerability VCID-ve7g-8st5-wffb
34
vulnerability VCID-vwb2-a84s-5qak
35
vulnerability VCID-vyvy-y3cw-hbgr
36
vulnerability VCID-w13x-3rp9-wyej
37
vulnerability VCID-xh7y-56vy-5ud8
38
vulnerability VCID-y32z-2d3f-gkgw
39
vulnerability VCID-yj9g-uz1a-jkf2
40
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19849, GHSA-rcgc-4xfc-564v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xa4m-xpa9-v7h8
9
url VCID-zdq2-dhb2-6kaq
vulnerability_id VCID-zdq2-dhb2-6kaq
summary 
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
### Problem
Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary.

### Solution
Update to TYPO3 versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1 that fix the problem described above.

### References
* [TYPO3-CORE-SA-2022-013](https://typo3.org/security/advisory/typo3-core-sa-2022-013)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23501
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45749
published_at 2026-04-08T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.4579
published_at 2026-04-18T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45795
published_at 2026-04-16T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.45746
published_at 2026-04-13T12:55:00Z
4
value 0.00229
scoring_system epss
scoring_elements 0.45738
published_at 2026-04-21T12:55:00Z
5
value 0.00229
scoring_system epss
scoring_elements 0.45768
published_at 2026-04-11T12:55:00Z
6
value 0.00229
scoring_system epss
scoring_elements 0.45745
published_at 2026-04-09T12:55:00Z
7
value 0.00229
scoring_system epss
scoring_elements 0.45724
published_at 2026-04-02T12:55:00Z
8
value 0.00229
scoring_system epss
scoring_elements 0.45744
published_at 2026-04-04T12:55:00Z
9
value 0.00229
scoring_system epss
scoring_elements 0.45693
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23501
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced
5
reference_url https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T18:48:00Z/
url https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23501
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23501
7
reference_url https://typo3.org/security/advisory/typo3-core-sa-2022-013
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2022-013
8
reference_url https://github.com/advisories/GHSA-jfp7-79g7-89rf
reference_id GHSA-jfp7-79g7-89rf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfp7-79g7-89rf
fixed_packages
0
url pkg:composer/typo3/cms@10.4.33
purl pkg:composer/typo3/cms@10.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vyvy-y3cw-hbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.33
1
url pkg:composer/typo3/cms@11.5.20
purl pkg:composer/typo3/cms@11.5.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vyvy-y3cw-hbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.20
2
url pkg:composer/typo3/cms@12.1.1
purl pkg:composer/typo3/cms@12.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vyvy-y3cw-hbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@12.1.1
aliases CVE-2022-23501, GHSA-jfp7-79g7-89rf, GMS-2022-8134
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdq2-dhb2-6kaq
Fixing_vulnerabilities
0
url VCID-1jcy-nx8g-z3d3
vulnerability_id VCID-1jcy-nx8g-z3d3
summary 
Insecure Deserialization
Insecure Unserialize in TYPO3 Backend.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023/
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
3
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases 2016-11-22-1
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jcy-nx8g-z3d3
1
url VCID-1qjx-grvf-y7bk
vulnerability_id VCID-1qjx-grvf-y7bk
summary 
Insecure Unserialize in TYPO3 Backend
Failing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-1.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-1.yaml
1
reference_url https://github.com/advisories/GHSA-c7rj-92xr-wprg
reference_id GHSA-c7rj-92xr-wprg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c7rj-92xr-wprg
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
2
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases GHSA-c7rj-92xr-wprg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qjx-grvf-y7bk
2
url VCID-435j-f3yx-9yep
vulnerability_id VCID-435j-f3yx-9yep
summary Path Traversal in TYPO3 Core.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024/
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
3
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases 2016-11-22-2
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-435j-f3yx-9yep
3
url VCID-c6zq-cfg5-u7d9
vulnerability_id VCID-c6zq-cfg5-u7d9
summary 
Path Traversal in TYPO3 Core
Due to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-2.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-2.yaml
1
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024
2
reference_url https://github.com/advisories/GHSA-gj48-w74w-8gvm
reference_id GHSA-gj48-w74w-8gvm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gj48-w74w-8gvm
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
2
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases GHSA-gj48-w74w-8gvm, GMS-2024-342
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c6zq-cfg5-u7d9
4
url VCID-nnh9-udcj-m7fv
vulnerability_id VCID-nnh9-udcj-m7fv
summary 
Path Traversal
Due to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
3
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases TYPO3-CORE-SA-2016-024
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnh9-udcj-m7fv
5
url VCID-prbd-r82t-87dm
vulnerability_id VCID-prbd-r82t-87dm
summary 
Insecure Unserialize in TYPO3 Backend
Failing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023
fixed_packages
0
url pkg:composer/typo3/cms@6.2.29
purl pkg:composer/typo3/cms@6.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5jgb-dsyx-hyb4
1
vulnerability VCID-dsu7-jjjq-f3e1
2
vulnerability VCID-f963-qur3-2qb7
3
vulnerability VCID-gcnj-6qb6-pbgz
4
vulnerability VCID-hv3n-j8ck-1ufx
5
vulnerability VCID-nwxj-3ajk-rkh5
6
vulnerability VCID-q9ak-qcq6-qfhy
7
vulnerability VCID-re9h-ze98-rbhu
8
vulnerability VCID-xa4m-xpa9-v7h8
9
vulnerability VCID-zdq2-dhb2-6kaq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-99uu-rfrf-bqa7
14
vulnerability VCID-asym-tgh2-1kg8
15
vulnerability VCID-b45y-dr1a-7qd7
16
vulnerability VCID-b5ht-z6zp-pbht
17
vulnerability VCID-bajy-qbwq-fufn
18
vulnerability VCID-bnne-7p2q-eqd2
19
vulnerability VCID-buax-rz7x-r7c2
20
vulnerability VCID-bxjw-7426-gyb8
21
vulnerability VCID-cczn-x8q7-k7ba
22
vulnerability VCID-cjgc-q6p5-2ydc
23
vulnerability VCID-ck23-cxn6-bbf3
24
vulnerability VCID-dbrh-t8zx-nkd9
25
vulnerability VCID-dm97-51uu-r7gw
26
vulnerability VCID-dsu7-jjjq-f3e1
27
vulnerability VCID-ehzg-bzrd-kbcc
28
vulnerability VCID-f4pm-9tq5-q3ch
29
vulnerability VCID-gcnj-6qb6-pbgz
30
vulnerability VCID-h958-d3pm-kfcs
31
vulnerability VCID-kgcq-paqm-9ya6
32
vulnerability VCID-kpze-14jy-xud9
33
vulnerability VCID-kqbk-4q4z-nkec
34
vulnerability VCID-mnz3-rj21-67ad
35
vulnerability VCID-n15v-ta9h-6ffb
36
vulnerability VCID-n78p-x7hh-gqcf
37
vulnerability VCID-ne8w-dpjw-7qf1
38
vulnerability VCID-nwxj-3ajk-rkh5
39
vulnerability VCID-pgzu-kxuj-j3fh
40
vulnerability VCID-pk8d-8u15-5bfq
41
vulnerability VCID-q6dx-uskc-y3hs
42
vulnerability VCID-qemc-8kj8-r3cd
43
vulnerability VCID-rdrs-mhaw-b3ge
44
vulnerability VCID-re9h-ze98-rbhu
45
vulnerability VCID-rwgf-2pfh-ufdz
46
vulnerability VCID-se8w-fv8x-tqde
47
vulnerability VCID-sr3p-pdxy-4yhu
48
vulnerability VCID-t3jn-vwbx-u7cr
49
vulnerability VCID-tmrt-6fxw-5ugh
50
vulnerability VCID-tw1y-t4qj-j3d1
51
vulnerability VCID-vbbx-pk8m-jfhd
52
vulnerability VCID-vndb-w8e1-4ugv
53
vulnerability VCID-wr5t-xqnn-gkcj
54
vulnerability VCID-ww44-zmx7-47ft
55
vulnerability VCID-wxps-mnue-6bbh
56
vulnerability VCID-xa4m-xpa9-v7h8
57
vulnerability VCID-xhq3-ts9t-sbdy
58
vulnerability VCID-xkpp-psz2-2kag
59
vulnerability VCID-xp55-jxjr-zqcb
60
vulnerability VCID-xqew-bx7v-1qfk
61
vulnerability VCID-y32z-2d3f-gkgw
62
vulnerability VCID-zdq2-dhb2-6kaq
63
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.13
purl pkg:composer/typo3/cms@7.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28bf-jvah-zkhw
1
vulnerability VCID-2fs8-bscc-3ye2
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-bajy-qbwq-fufn
6
vulnerability VCID-bnne-7p2q-eqd2
7
vulnerability VCID-bxjw-7426-gyb8
8
vulnerability VCID-dbrh-t8zx-nkd9
9
vulnerability VCID-dm97-51uu-r7gw
10
vulnerability VCID-dsu7-jjjq-f3e1
11
vulnerability VCID-ehzg-bzrd-kbcc
12
vulnerability VCID-ep6t-zwd1-4bb3
13
vulnerability VCID-f963-qur3-2qb7
14
vulnerability VCID-fy3g-uegw-2bew
15
vulnerability VCID-gcnj-6qb6-pbgz
16
vulnerability VCID-h63t-9enx-qfdn
17
vulnerability VCID-hpgq-deze-p7dp
18
vulnerability VCID-hv3n-j8ck-1ufx
19
vulnerability VCID-jqth-wfgx-87cx
20
vulnerability VCID-mnz3-rj21-67ad
21
vulnerability VCID-mqbh-k9n3-nbed
22
vulnerability VCID-mub5-s7h1-57cy
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nt6a-5zkv-pbcm
26
vulnerability VCID-nwxj-3ajk-rkh5
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-pnfa-cksc-43de
29
vulnerability VCID-q9ak-qcq6-qfhy
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-rzw5-8d1u-sfam
32
vulnerability VCID-sr3p-pdxy-4yhu
33
vulnerability VCID-t3jn-vwbx-u7cr
34
vulnerability VCID-tmrt-6fxw-5ugh
35
vulnerability VCID-tw1y-t4qj-j3d1
36
vulnerability VCID-vndb-w8e1-4ugv
37
vulnerability VCID-vrt1-aj9v-2kb6
38
vulnerability VCID-wge3-kxdq-f3bz
39
vulnerability VCID-wr5t-xqnn-gkcj
40
vulnerability VCID-wxps-mnue-6bbh
41
vulnerability VCID-xa4m-xpa9-v7h8
42
vulnerability VCID-xqew-bx7v-1qfk
43
vulnerability VCID-y32z-2d3f-gkgw
44
vulnerability VCID-zdq2-dhb2-6kaq
45
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.13
3
url pkg:composer/typo3/cms@8.4.1
purl pkg:composer/typo3/cms@8.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18dg-eevv-3ug9
1
vulnerability VCID-1kae-ffj3-xyc7
2
vulnerability VCID-28bf-jvah-zkhw
3
vulnerability VCID-2fs8-bscc-3ye2
4
vulnerability VCID-2meq-x4kd-bbdn
5
vulnerability VCID-3gg5-1921-rbfs
6
vulnerability VCID-3n2r-awja-dug9
7
vulnerability VCID-3v4n-fzxa-bfaw
8
vulnerability VCID-4ack-haf2-cfbe
9
vulnerability VCID-4btk-jt5n-2ugf
10
vulnerability VCID-551q-gpyd-ffe8
11
vulnerability VCID-5jgb-dsyx-hyb4
12
vulnerability VCID-5paq-5frf-43ed
13
vulnerability VCID-5qfv-y43v-akdm
14
vulnerability VCID-5yg8-2cbr-d3as
15
vulnerability VCID-6487-15z5-pkd4
16
vulnerability VCID-6b5q-vzs3-pkcc
17
vulnerability VCID-9g62-zd1x-3bdg
18
vulnerability VCID-9gpp-ez8w-rqav
19
vulnerability VCID-axaf-45kr-kbfe
20
vulnerability VCID-bajy-qbwq-fufn
21
vulnerability VCID-bnne-7p2q-eqd2
22
vulnerability VCID-bxjw-7426-gyb8
23
vulnerability VCID-c2tm-eqmm-1ugt
24
vulnerability VCID-cm14-t8uv-k3es
25
vulnerability VCID-cmka-8484-27bu
26
vulnerability VCID-dbrh-t8zx-nkd9
27
vulnerability VCID-dj88-f3p8-cfbn
28
vulnerability VCID-dm97-51uu-r7gw
29
vulnerability VCID-dquc-7amf-e7cs
30
vulnerability VCID-dsu7-jjjq-f3e1
31
vulnerability VCID-e72u-tpc3-23g3
32
vulnerability VCID-e7sv-4xc2-m3d5
33
vulnerability VCID-eajg-ctpd-2bby
34
vulnerability VCID-ehzg-bzrd-kbcc
35
vulnerability VCID-ekfd-wp8z-d7e1
36
vulnerability VCID-ep6t-zwd1-4bb3
37
vulnerability VCID-euk5-hagy-xqfz
38
vulnerability VCID-fy3g-uegw-2bew
39
vulnerability VCID-gcnj-6qb6-pbgz
40
vulnerability VCID-h63t-9enx-qfdn
41
vulnerability VCID-he5m-6wj4-rbhc
42
vulnerability VCID-hpgq-deze-p7dp
43
vulnerability VCID-hv3n-j8ck-1ufx
44
vulnerability VCID-j77k-hjgx-5kc5
45
vulnerability VCID-jppe-cbgm-k3cz
46
vulnerability VCID-jqth-wfgx-87cx
47
vulnerability VCID-k4h1-mvnf-1ybx
48
vulnerability VCID-k8af-cg9k-87a9
49
vulnerability VCID-m7w6-b2xu-6uee
50
vulnerability VCID-mnz3-rj21-67ad
51
vulnerability VCID-mqbh-k9n3-nbed
52
vulnerability VCID-mub5-s7h1-57cy
53
vulnerability VCID-n15v-ta9h-6ffb
54
vulnerability VCID-n78p-x7hh-gqcf
55
vulnerability VCID-nt6a-5zkv-pbcm
56
vulnerability VCID-nwxj-3ajk-rkh5
57
vulnerability VCID-pk8d-8u15-5bfq
58
vulnerability VCID-pnfa-cksc-43de
59
vulnerability VCID-px44-19tj-h7aa
60
vulnerability VCID-q8hy-wjd9-nbgp
61
vulnerability VCID-q9ak-qcq6-qfhy
62
vulnerability VCID-qb4j-9tz7-m7a2
63
vulnerability VCID-rdrs-mhaw-b3ge
64
vulnerability VCID-rzw5-8d1u-sfam
65
vulnerability VCID-s64f-x81f-b7ce
66
vulnerability VCID-shqd-udhm-pff8
67
vulnerability VCID-sr3p-pdxy-4yhu
68
vulnerability VCID-stzu-sxe6-5yf5
69
vulnerability VCID-t1n7-eswt-73gw
70
vulnerability VCID-t3jn-vwbx-u7cr
71
vulnerability VCID-tgma-cyvk-97ay
72
vulnerability VCID-tmrt-6fxw-5ugh
73
vulnerability VCID-tqf5-2fsm-8fch
74
vulnerability VCID-tw1y-t4qj-j3d1
75
vulnerability VCID-uw2r-3gvq-bbcq
76
vulnerability VCID-vndb-w8e1-4ugv
77
vulnerability VCID-vrt1-aj9v-2kb6
78
vulnerability VCID-vxj6-wvyz-zbaq
79
vulnerability VCID-vxry-uvph-kbfd
80
vulnerability VCID-vybh-pxr3-17hn
81
vulnerability VCID-wea9-egep-h7g5
82
vulnerability VCID-wge3-kxdq-f3bz
83
vulnerability VCID-wr5t-xqnn-gkcj
84
vulnerability VCID-wxps-mnue-6bbh
85
vulnerability VCID-xa4m-xpa9-v7h8
86
vulnerability VCID-xh7y-56vy-5ud8
87
vulnerability VCID-xqew-bx7v-1qfk
88
vulnerability VCID-y32z-2d3f-gkgw
89
vulnerability VCID-zdq2-dhb2-6kaq
90
vulnerability VCID-zkea-ge1t-z7gn
91
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1
aliases TYPO3-CORE-SA-2016-023
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prbd-r82t-87dm
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.29