Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/24801?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/24801?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.47", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "8.7.47", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "12.4.41", "latest_non_vulnerable_version": "14.3.3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211331?format=api", "vulnerability_id": "VCID-c34f-fptt-tfgt", "summary": "TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection", "references": [ { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/d4f260570abd934fcf3819370a135bef33d729b7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/d4f260570abd934fcf3819370a135bef33d729b7" }, { "reference_url": "https://github.com/advisories/GHSA-gqqf-g5r7-84vf", "reference_id": "GHSA-gqqf-g5r7-84vf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gqqf-g5r7-84vf" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-gqqf-g5r7-84vf", "reference_id": "GHSA-gqqf-g5r7-84vf", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-gqqf-g5r7-84vf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26277?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.48", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.48" }, { "url": "http://public2.vulnerablecode.io/api/packages/26281?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.37", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.37" }, { "url": "http://public2.vulnerablecode.io/api/packages/26284?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/26286?format=api", "purl": "pkg:composer/typo3/cms-core@11.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.5.16" } ], "aliases": [ "GHSA-gqqf-g5r7-84vf", "GMS-2022-4096" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c34f-fptt-tfgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211346?format=api", "vulnerability_id": "VCID-d7rj-6q7r-dug5", "summary": "TYPO3 CMS Stored Cross-Site Scripting via FileDumpController", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00687", "scoring_system": "epss", "scoring_elements": "0.72304", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00687", "scoring_system": "epss", "scoring_elements": "0.72214", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00687", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00687", "scoring_system": "epss", "scoring_elements": "0.7231", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36107" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/546208428c861a09d62b86cde141eb19a81fae66", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/546208428c861a09d62b86cde141eb19a81fae66" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/bd58d2ff2eeef89e63ef754a2389597d22622a39", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/bd58d2ff2eeef89e63ef754a2389597d22622a39" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-009" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36107", "reference_id": "CVE-2022-36107", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36107" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36107.yaml", "reference_id": "CVE-2022-36107.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36107.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36107.yaml", "reference_id": "CVE-2022-36107.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36107.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-9c6w-55cp-5w25", "reference_id": "GHSA-9c6w-55cp-5w25", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c6w-55cp-5w25" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9c6w-55cp-5w25", "reference_id": "GHSA-9c6w-55cp-5w25", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9c6w-55cp-5w25" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26277?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.48", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.48" }, { "url": "http://public2.vulnerablecode.io/api/packages/26281?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.37", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.37" }, { "url": "http://public2.vulnerablecode.io/api/packages/26284?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/26286?format=api", "purl": "pkg:composer/typo3/cms-core@11.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.5.16" } ], "aliases": [ "CVE-2022-36107", "GHSA-9c6w-55cp-5w25" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7rj-6q7r-dug5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/166997?format=api", "vulnerability_id": "VCID-fajx-7vk2-yfd4", "summary": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd party TYPO3 extensions providing a custom authentication service should check if the extension is affected by the described problem. Affected extensions must implement new `MimicServiceInterface::mimicAuthUser`, which simulates corresponding times regular processing would usually take. Update to TYPO3 version 7.6.58 ELTS, 8.7.48 ELTS, 9.5.37 ELTS, 10.4.32 or 11.5.16 that fix this problem. There are no known workarounds for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.52164", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.52158", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.52034", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.52176", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36105" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/f0fc9c4cd7c38207c30dd158de53ee5d9d6f41a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/f0fc9c4cd7c38207c30dd158de53ee5d9d6f41a2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36105", "reference_id": "CVE-2022-36105", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36105" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36105.yaml", "reference_id": "CVE-2022-36105.YAML", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36105.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36105.yaml", "reference_id": "CVE-2022-36105.YAML", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36105.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6", "reference_id": "f8b83ce15d4ea275a5a5e564e5d324242f7937b6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6" }, { "reference_url": "https://github.com/advisories/GHSA-m392-235j-9r7r", "reference_id": "GHSA-m392-235j-9r7r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m392-235j-9r7r" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r", "reference_id": "GHSA-m392-235j-9r7r", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-007", "reference_id": "typo3-core-sa-2022-007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-007" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26277?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.48", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.48" }, { "url": "http://public2.vulnerablecode.io/api/packages/26281?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.37", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.37" }, { "url": "http://public2.vulnerablecode.io/api/packages/26284?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/26286?format=api", "purl": "pkg:composer/typo3/cms-core@11.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4hp8-5qeb-wyam" }, { "vulnerability": "VCID-5ddb-qvu6-c7dd" }, { "vulnerability": "VCID-9f74-pxxq-3qea" }, { "vulnerability": "VCID-9fu7-2brx-j3az" }, { "vulnerability": "VCID-9kzb-yw93-rqd3" }, { "vulnerability": "VCID-9mh5-8n3y-93c8" }, { "vulnerability": "VCID-arjb-mbgt-97dh" }, { "vulnerability": "VCID-g6wm-gjsy-7fdt" }, { "vulnerability": "VCID-humm-nga7-hbe4" }, { "vulnerability": "VCID-jtqp-g65r-93hs" }, { "vulnerability": "VCID-p2gb-esw8-3ya7" }, { "vulnerability": "VCID-qnk5-9jfz-5bhh" }, { "vulnerability": "VCID-rxu6-ccns-m3fk" }, { "vulnerability": "VCID-sq7n-ehxa-rbb9" }, { "vulnerability": "VCID-tyba-yxs8-7kgb" }, { "vulnerability": "VCID-u1bz-wj83-nbbt" }, { "vulnerability": "VCID-v1kq-a6wk-bka9" }, { "vulnerability": "VCID-vc1g-tqkt-w7gt" }, { "vulnerability": "VCID-ve54-aaqx-xkck" }, { "vulnerability": "VCID-wutq-k9ph-zyab" }, { "vulnerability": "VCID-x2ne-qxnz-rkem" }, { "vulnerability": "VCID-xbzy-s3xw-y7ey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.5.16" } ], "aliases": [ "CVE-2022-36105", "GHSA-m392-235j-9r7r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fajx-7vk2-yfd4" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.47" }