Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/52276?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/52276?format=api", "purl": "pkg:composer/typo3/cms@8.2.0", "type": "composer", "namespace": "typo3", "name": "cms", "version": "8.2.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "10.4.35", "latest_non_vulnerable_version": "12.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/192056?format=api", "vulnerability_id": "VCID-1fcd-s2kt-kqcw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23503", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.6429", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23503" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23503.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23503.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23503.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23503.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/1302e88565821f2159e08b5d818d28de17ecc830", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/1302e88565821f2159e08b5d818d28de17ecc830" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-18T18:23:57Z/" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23503", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23503" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-015", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-015" }, { "reference_url": "https://github.com/advisories/GHSA-c5wx-6c2c-f7rm", "reference_id": "GHSA-c5wx-6c2c-f7rm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5wx-6c2c-f7rm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213036?format=api", "purl": "pkg:composer/typo3/cms@10.4.33", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.33" }, { "url": "http://public2.vulnerablecode.io/api/packages/213037?format=api", "purl": "pkg:composer/typo3/cms@11.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/213038?format=api", "purl": "pkg:composer/typo3/cms@12.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@12.1.1" } ], "aliases": [ "CVE-2022-23503", "GHSA-c5wx-6c2c-f7rm" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1fcd-s2kt-kqcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10964?format=api", "vulnerability_id": "VCID-1gqt-7jfy-73d8", "summary": "Uncontrolled Resource Consumption\nCache Flooding in TYPO3 Frontend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51762?format=api", "purl": "pkg:composer/typo3/cms@8.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0" } ], "aliases": [ "GMS-2016-156" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gqt-7jfy-73d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13152?format=api", "vulnerability_id": "VCID-1snp-vv9h-zycr", "summary": "Information Disclosure in Install Tool.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-101" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1snp-vv9h-zycr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11567?format=api", "vulnerability_id": "VCID-1znq-61hf-6ybk", "summary": "Information Disclosure\nHTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called endpoint.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "TYPO3-CORE-SA-2017-006" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1znq-61hf-6ybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340983?format=api", "vulnerability_id": "VCID-2a62-91pm-nbgm", "summary": "Arbitrary Code Execution in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-4.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-007" }, { "reference_url": "https://github.com/advisories/GHSA-67wg-6j7r-mqh8", "reference_id": "GHSA-67wg-6j7r-mqh8", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-67wg-6j7r-mqh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "GHSA-67wg-6j7r-mqh8" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2a62-91pm-nbgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340998?format=api", "vulnerability_id": "VCID-2dk9-nj1q-zbac", "summary": "Typo3 Security Misconfiguration in User Session Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-05-07-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-05-07-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011" }, { "reference_url": "https://github.com/advisories/GHSA-g9rv-6g56-65h8", "reference_id": "GHSA-g9rv-6g56-65h8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g9rv-6g56-65h8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56968?format=api", "purl": "pkg:composer/typo3/cms@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56969?format=api", "purl": "pkg:composer/typo3/cms@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6" } ], "aliases": [ "GHSA-g9rv-6g56-65h8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dk9-nj1q-zbac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10967?format=api", "vulnerability_id": "VCID-3k2a-rajw-87cb", "summary": "Improper Access Control\nPHP does not attempt to address RFC section namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the `HTTP_PROXY` environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an `httpoxy` issue.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5385.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.83504", "scoring_system": "epss", "scoring_elements": "0.99296", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5385" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97" }, { "reference_url": "https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9" }, { "reference_url": "https://github.com/bugsnag/bugsnag-laravel/pull/143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bugsnag/bugsnag-laravel/pull/143" }, { "reference_url": "https://github.com/bugsnag/bugsnag-laravel/pull/145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bugsnag/bugsnag-laravel/pull/145" }, { "reference_url": "https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2" }, { "reference_url": "https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18" }, { "reference_url": "https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18" }, { "reference_url": "https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08" }, { "reference_url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1" }, { "reference_url": "https://github.com/humbug/file_get_contents/pull/23", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/humbug/file_get_contents/pull/23" }, { "reference_url": "https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5" }, { "reference_url": "https://github.com/humbug/file_get_contents/releases/tag/1.1.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/humbug/file_get_contents/releases/tag/1.1.2" }, { "reference_url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "reference_url": "https://httpoxy.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpoxy.org/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/" }, { "reference_url": "https://security.gentoo.org/glsa/201611-22", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-22" }, { "reference_url": "https://twitter.com/asyncphp/status/755136084917583872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://twitter.com/asyncphp/status/755136084917583872" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-019" }, { "reference_url": "https://www.drupal.org/SA-CORE-2016-003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.drupal.org/SA-CORE-2016-003" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3631", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3631" }, { "reference_url": "http://www.kb.cert.org/vuls/id/797896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/797896" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.securityfocus.com/bid/91821", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91821" }, { "reference_url": "http://www.securitytracker.com/id/1036335", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036335" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5385", "reference_id": "CVE-2016-5385", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5385" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml", "reference_id": "CVE-2016-5385.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m6ch-gg5f-wxx3", "reference_id": "GHSA-m6ch-gg5f-wxx3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m6ch-gg5f-wxx3" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1609", "reference_id": "RHSA-2016:1609", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1609" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1610", "reference_id": "RHSA-2016:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1611", "reference_id": "RHSA-2016:1611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1612", "reference_id": "RHSA-2016:1612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1613", "reference_id": "RHSA-2016:1613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1613" }, { "reference_url": "https://usn.ubuntu.com/3045-1/", "reference_id": "USN-3045-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3045-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "CVE-2016-5385", "GHSA-m6ch-gg5f-wxx3" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3k2a-rajw-87cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13086?format=api", "vulnerability_id": "VCID-49a1-re6y-9ybm", "summary": "Cross-site Scripting\nCKEditor allows user-assisted XSS involving a source-mode paste.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02024", "scoring_system": "epss", "scoring_elements": "0.84065", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17960" }, { "reference_url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released" }, { "reference_url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/" }, { "reference_url": "https://ckeditor.com/cke4/release/CKEditor-4.11.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://ckeditor.com/cke4/release/CKEditor-4.11.0" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005" }, { "reference_url": "https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217", "reference_id": "1015217", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17960", "reference_id": "CVE-2018-17960", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17960" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml", "reference_id": "CVE-2018-17960.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml", "reference_id": "CVE-2018-17960.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-g68x-vvqq-pvw3", "reference_id": "GHSA-g68x-vvqq-pvw3", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g68x-vvqq-pvw3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "CVE-2018-17960", "GHSA-g68x-vvqq-pvw3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-49a1-re6y-9ybm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341026?format=api", "vulnerability_id": "VCID-4sva-74pj-6ke8", "summary": "TYPO3 Arbitrary Code Execution via File List Module", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-7.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/095ae4ab6869d0f7dc7befedb851cdd7ad0c7ebf", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/095ae4ab6869d0f7dc7befedb851cdd7ad0c7ebf" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/9990278ce7cf8e4d6b8bf31edec6787722d38b0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/9990278ce7cf8e4d6b8bf31edec6787722d38b0f" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008" }, { "reference_url": "https://github.com/advisories/GHSA-8h4m-r4wm-xj7r", "reference_id": "GHSA-8h4m-r4wm-xj7r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8h4m-r4wm-xj7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GHSA-8h4m-r4wm-xj7r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sva-74pj-6ke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170937?format=api", "vulnerability_id": "VCID-55k8-c62g-4bex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "GHSA-4jhw-2p6j-5wmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57440?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207165?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207160?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207163?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55k8-c62g-4bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340991?format=api", "vulnerability_id": "VCID-5ap1-cx3k-kyej", "summary": "Cache Flooding in TYPO3 Frontend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-09-14-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-09-14-2.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-pw2q-qwvj-gh43", "reference_id": "GHSA-pw2q-qwvj-gh43", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pw2q-qwvj-gh43" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51846?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "GHSA-pw2q-qwvj-gh43" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ap1-cx3k-kyej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13146?format=api", "vulnerability_id": "VCID-5bc6-kka6-p3h4", "summary": "Cross-site Scripting\nCross-Site Scripting in Backend Modal Component.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-98" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bc6-kka6-p3h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340978?format=api", "vulnerability_id": "VCID-5ddu-qq6e-jya3", "summary": "Information Disclosure in TYPO3 Backend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-4.yaml" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-017", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-017" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017" }, { "reference_url": "https://github.com/advisories/GHSA-vpr3-rc99-2wpr", "reference_id": "GHSA-vpr3-rc99-2wpr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vpr3-rc99-2wpr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GHSA-vpr3-rc99-2wpr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ddu-qq6e-jya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13745?format=api", "vulnerability_id": "VCID-5nbd-n22c-c3es", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GMS-2019-187" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5nbd-n22c-c3es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11292?format=api", "vulnerability_id": "VCID-5vjr-mcn8-sbc2", "summary": "Cross-site Scripting\nXSS in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "GMS-2017-349" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5vjr-mcn8-sbc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340993?format=api", "vulnerability_id": "VCID-624d-jac1-9ba7", "summary": "Insecure Unserialize in TYPO3 Backend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-1.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-c7rj-92xr-wprg", "reference_id": "GHSA-c7rj-92xr-wprg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c7rj-92xr-wprg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "GHSA-c7rj-92xr-wprg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-624d-jac1-9ba7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13748?format=api", "vulnerability_id": "VCID-6hc5-w52t-kkf3", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GMS-2019-186" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hc5-w52t-kkf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13242?format=api", "vulnerability_id": "VCID-6qgs-yxdm-dfa5", "summary": "Code Injection\nArbitrary Code Execution via File List Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-178" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qgs-yxdm-dfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341020?format=api", "vulnerability_id": "VCID-6tzs-x8d1-ebe1", "summary": "TYPO3 Cross-Site Scripting in Link Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/25f796b94e23bac77e836bd38f53ce998c094901", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/25f796b94e23bac77e836bd38f53ce998c094901" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/64db88b9b61bb67b3b44145dc8e0e1ef251da45e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/64db88b9b61bb67b3b44145dc8e0e1ef251da45e" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/a35c42e9bcb020e16016d1c146354513a9856bc0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/a35c42e9bcb020e16016d1c146354513a9856bc0" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-022", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-022" }, { "reference_url": "https://github.com/advisories/GHSA-xgmx-j3hv-jh9x", "reference_id": "GHSA-xgmx-j3hv-jh9x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xgmx-j3hv-jh9x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81692?format=api", "purl": "pkg:composer/typo3/cms@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1" } ], "aliases": [ "GHSA-xgmx-j3hv-jh9x" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6tzs-x8d1-ebe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341025?format=api", "vulnerability_id": "VCID-6urd-bx9f-ckbu", "summary": "TYPO3 Denial of Service in Frontend Record Registration", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-7.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/05011d1248c54d00960e344fd920a6246da92415", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/05011d1248c54d00960e344fd920a6246da92415" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/fc2b4b9fb978088267f83e73cd401d4371dd40e3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/fc2b4b9fb978088267f83e73cd401d4371dd40e3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012" }, { "reference_url": "https://github.com/advisories/GHSA-g585-crjf-vhwq", "reference_id": "GHSA-g585-crjf-vhwq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g585-crjf-vhwq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" } ], "aliases": [ "GHSA-g585-crjf-vhwq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6urd-bx9f-ckbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13137?format=api", "vulnerability_id": "VCID-6xu1-wd67-2fdn", "summary": "Cross-site Scripting\nCross-Site Scripting in CKEditor.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-104" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xu1-wd67-2fdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/192054?format=api", "vulnerability_id": "VCID-7bbm-nfjy-c3fx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40363", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23501" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T18:48:00Z/" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23501", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23501" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-013" }, { "reference_url": "https://github.com/advisories/GHSA-jfp7-79g7-89rf", "reference_id": "GHSA-jfp7-79g7-89rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jfp7-79g7-89rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213036?format=api", "purl": "pkg:composer/typo3/cms@10.4.33", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.33" }, { "url": "http://public2.vulnerablecode.io/api/packages/213037?format=api", "purl": "pkg:composer/typo3/cms@11.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/213038?format=api", "purl": "pkg:composer/typo3/cms@12.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-293q-d5mc-g7a5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@12.1.1" } ], "aliases": [ "CVE-2022-23501", "GHSA-jfp7-79g7-89rf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bbm-nfjy-c3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170955?format=api", "vulnerability_id": "VCID-7prr-a8eb-t3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57440?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207165?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207160?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207163?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7prr-a8eb-t3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340994?format=api", "vulnerability_id": "VCID-7umb-pj4m-eqfb", "summary": "Cross-Site Scripting in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-02-28-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-02-28-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-003" }, { "reference_url": "https://github.com/advisories/GHSA-5gr6-97fv-52cc", "reference_id": "GHSA-5gr6-97fv-52cc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5gr6-97fv-52cc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "GHSA-5gr6-97fv-52cc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7umb-pj4m-eqfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13907?format=api", "vulnerability_id": "VCID-88qn-j3zx-u3gm", "summary": "Cross-site Scripting\nTYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768", "reference_id": "CVE-2021-32768", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768" }, { "reference_url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "GHSA-c5c9-8c6m-727v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/206914?format=api", "purl": "pkg:composer/typo3/cms@8.7.42", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/57637?format=api", "purl": "pkg:composer/typo3/cms@9.5.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/57638?format=api", "purl": "pkg:composer/typo3/cms@10.4.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/57639?format=api", "purl": "pkg:composer/typo3/cms@11.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ydx2-yevp-bubw" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.2" } ], "aliases": [ "CVE-2021-32768", "GHSA-c5c9-8c6m-727v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88qn-j3zx-u3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11063?format=api", "vulnerability_id": "VCID-8b94-e1d2-ebam", "summary": "Insecure Deserialization\nInsecure Unserialize in TYPO3 Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "GMS-2016-157" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8b94-e1d2-ebam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12796?format=api", "vulnerability_id": "VCID-8xgz-x8v3-2kgx", "summary": "Improper Authentication\nAuthentication Bypass in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55079?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/55080?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GMS-2018-93" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xgz-x8v3-2kgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11590?format=api", "vulnerability_id": "VCID-94ty-y1r7-pkcy", "summary": "Unrestricted Upload of File with Dangerous Type\nUnrestricted File Upload vulnerability in the `fileDenyPattern` in `sysext/core/Classes/Core/SystemEnvironmentBuilder`.", "references": [ { "reference_url": "http://blog.emaze.net/2017/12/typo3-unrestricted-file-upload-remote.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blog.emaze.net/2017/12/typo3-unrestricted-file-upload-remote.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03536", "scoring_system": "epss", "scoring_elements": "0.87871", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14251" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/" }, { "reference_url": "http://www.securityfocus.com/bid/100620", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/100620" }, { "reference_url": "http://www.securitytracker.com/id/1039295", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1039295" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14251", "reference_id": "CVE-2017-14251", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "CVE-2017-14251", "GHSA-fh4q-hxrw-cjqq" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94ty-y1r7-pkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340997?format=api", "vulnerability_id": "VCID-9x28-fsv5-hqcc", "summary": "Typo3 Information Disclosure in Backend User Interface", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014" }, { "reference_url": "https://github.com/advisories/GHSA-q9c4-9v5m-597p", "reference_id": "GHSA-q9c4-9v5m-597p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9c4-9v5m-597p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GHSA-q9c4-9v5m-597p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9x28-fsv5-hqcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13145?format=api", "vulnerability_id": "VCID-aghr-ecp4-eqey", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Frontend Record Registration.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/54315?format=api", "purl": "pkg:composer/typo3/cms@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0" } ], "aliases": [ "GMS-2018-103" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aghr-ecp4-eqey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13850?format=api", "vulnerability_id": "VCID-ax86-j7wt-r3eq", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58702", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668", "reference_id": "CVE-2021-32668", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668" }, { "reference_url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "GHSA-6mh3-j5r5-2379", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57446?format=api", "purl": "pkg:composer/typo3/cms@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57447?format=api", "purl": "pkg:composer/typo3/cms@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57448?format=api", "purl": "pkg:composer/typo3/cms@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ydx2-yevp-bubw" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1" } ], "aliases": [ "CVE-2021-32668", "GHSA-6mh3-j5r5-2379" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax86-j7wt-r3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13580?format=api", "vulnerability_id": "VCID-b1xu-66dr-d3bf", "summary": "Code Injection\nPossible Arbitrary Code Execution in Image Processing.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56968?format=api", "purl": "pkg:composer/typo3/cms@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56969?format=api", "purl": "pkg:composer/typo3/cms@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6" } ], "aliases": [ "GMS-2019-182" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1xu-66dr-d3bf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11571?format=api", "vulnerability_id": "VCID-b9nw-c7ek-47f9", "summary": "Information Disclosure in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53008?format=api", "purl": "pkg:composer/typo3/cms@8.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.0" } ], "aliases": [ "GMS-2017-351" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9nw-c7ek-47f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201120?format=api", "vulnerability_id": "VCID-bbx5-ycbt-xbea", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00687", "scoring_system": "epss", "scoring_elements": "0.72061", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36107" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/546208428c861a09d62b86cde141eb19a81fae66", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/546208428c861a09d62b86cde141eb19a81fae66" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/bd58d2ff2eeef89e63ef754a2389597d22622a39", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/bd58d2ff2eeef89e63ef754a2389597d22622a39" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-009" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36107", "reference_id": "CVE-2022-36107", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36107" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36107.yaml", "reference_id": "CVE-2022-36107.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36107.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36107.yaml", "reference_id": "CVE-2022-36107.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36107.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-9c6w-55cp-5w25", "reference_id": "GHSA-9c6w-55cp-5w25", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c6w-55cp-5w25" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9c6w-55cp-5w25", "reference_id": "GHSA-9c6w-55cp-5w25", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-9c6w-55cp-5w25" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79123?format=api", "purl": "pkg:composer/typo3/cms@10.4.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-xexd-m212-p3aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/79121?format=api", "purl": "pkg:composer/typo3/cms@11.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-xexd-m212-p3aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.16" } ], "aliases": [ "CVE-2022-36107", "GHSA-9c6w-55cp-5w25" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbx5-ycbt-xbea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11060?format=api", "vulnerability_id": "VCID-be91-38em-33f7", "summary": "Insecure Unserialize in TYPO3 Backend\nFailing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-023" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-be91-38em-33f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13249?format=api", "vulnerability_id": "VCID-bjbm-8nvj-dyb1", "summary": "Cross-site Scripting\nCross-Site Scripting in Form Framework.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-177" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjbm-8nvj-dyb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10973?format=api", "vulnerability_id": "VCID-bq2x-vxuk-yyc7", "summary": "Cross-site Scripting\nCross-Site Scripting in TYPO3 Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-148" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bq2x-vxuk-yyc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11296?format=api", "vulnerability_id": "VCID-bu7f-ndjb-wqft", "summary": "Improper Authentication\nAuthentication Bypass in TYPO3 Frontend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "GMS-2017-348" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bu7f-ndjb-wqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340979?format=api", "vulnerability_id": "VCID-bxg2-mzgy-p3ew", "summary": "Cross-Site Scripting in third party library mso/idna-convert", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-7.yaml" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-020", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-020" }, { "reference_url": "https://github.com/advisories/GHSA-qmwf-j7g7-f5jw", "reference_id": "GHSA-qmwf-j7g7-f5jw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qmwf-j7g7-f5jw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GHSA-qmwf-j7g7-f5jw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxg2-mzgy-p3ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341031?format=api", "vulnerability_id": "VCID-bxgx-dwg9-4ygv", "summary": "TYPO3 Information Disclosure in Install Tool", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-5.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-5.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/232d0a64282382229c205904173a16a581555fe3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/232d0a64282382229c205904173a16a581555fe3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/b4dd20f31d483f6399e8bcbffcac3e16a2df0d92", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/b4dd20f31d483f6399e8bcbffcac3e16a2df0d92" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/fab0cbc970b709ed65fc4622a2cbd52a197480c4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/fab0cbc970b709ed65fc4622a2cbd52a197480c4" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010" }, { "reference_url": "https://github.com/advisories/GHSA-6487-3qvg-8px9", "reference_id": "GHSA-6487-3qvg-8px9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6487-3qvg-8px9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-6487-3qvg-8px9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxgx-dwg9-4ygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13590?format=api", "vulnerability_id": "VCID-cag3-ba8g-zfcn", "summary": "Improper Input Validation\nTYPO3 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by `ImageMagick` or `GraphicsMagick`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.7599", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11832" }, { "reference_url": "https://github.com/github/advisory-database/pull/3530", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/pull/3530" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11832", "reference_id": "CVE-2019-11832", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11832" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml", "reference_id": "CVE-2019-11832.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml", "reference_id": "CVE-2019-11832.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3w4h-r27h-4r2w", "reference_id": "GHSA-3w4h-r27h-4r2w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3w4h-r27h-4r2w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56968?format=api", "purl": "pkg:composer/typo3/cms@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56969?format=api", "purl": "pkg:composer/typo3/cms@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6" } ], "aliases": [ "CVE-2019-11832", "GHSA-3w4h-r27h-4r2w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cag3-ba8g-zfcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11020?format=api", "vulnerability_id": "VCID-d8xz-ft2x-abdb", "summary": "Cache Flooding in Frontend\nLinks with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51846?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-022" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d8xz-ft2x-abdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340981?format=api", "vulnerability_id": "VCID-davd-3pp1-gbg5", "summary": "Cross-Site Scripting (XSS) vulnerability in typolinks", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-5.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-5.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-018", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-018" }, { "reference_url": "https://github.com/advisories/GHSA-p5c5-gmj4-g48f", "reference_id": "GHSA-p5c5-gmj4-g48f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p5c5-gmj4-g48f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GHSA-p5c5-gmj4-g48f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-davd-3pp1-gbg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341024?format=api", "vulnerability_id": "VCID-de8m-ktdb-w3ht", "summary": "TYPO3 Information Disclosure of Installed Extensions", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/889ed77d2905d8b17afd31c723a23240c978823f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/889ed77d2905d8b17afd31c723a23240c978823f" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/c81cca9e419e7aaed551b9b9a8d012ba7bffb287", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/c81cca9e419e7aaed551b9b9a8d012ba7bffb287" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001" }, { "reference_url": "https://github.com/advisories/GHSA-f624-8hfq-5fh3", "reference_id": "GHSA-f624-8hfq-5fh3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f624-8hfq-5fh3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GHSA-f624-8hfq-5fh3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-de8m-ktdb-w3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341032?format=api", "vulnerability_id": "VCID-dus4-tfjy-h3f4", "summary": "TYPO3 Denial of Service in Online Media Asset Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-6.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/054799caf53b28ff92e00aff957fab88c45a7509", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/054799caf53b28ff92e00aff957fab88c45a7509" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/16567366e2a25c0cbed7208c3be9eda962e28c9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/16567366e2a25c0cbed7208c3be9eda962e28c9b" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/7a5155e0137d01db7e5723849f0493ad5b0c98ac", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/7a5155e0137d01db7e5723849f0493ad5b0c98ac" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011" }, { "reference_url": "https://github.com/advisories/GHSA-f3wf-q4fj-3gxf", "reference_id": "GHSA-f3wf-q4fj-3gxf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f3wf-q4fj-3gxf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-f3wf-q4fj-3gxf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dus4-tfjy-h3f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340984?format=api", "vulnerability_id": "VCID-dxry-btsq-7qan", "summary": "TYPO3 Remote Code Execution in third party library swiftmailer", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-001" }, { "reference_url": "https://github.com/advisories/GHSA-g4pf-3jvq-2gcw", "reference_id": "GHSA-g4pf-3jvq-2gcw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g4pf-3jvq-2gcw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53031?format=api", "purl": "pkg:composer/typo3/cms@8.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.1" } ], "aliases": [ "GHSA-g4pf-3jvq-2gcw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxry-btsq-7qan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11565?format=api", "vulnerability_id": "VCID-erwv-fmcy-ryed", "summary": "Information Disclosure in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53008?format=api", "purl": "pkg:composer/typo3/cms@8.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.0" } ], "aliases": [ "GMS-2017-352" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-erwv-fmcy-ryed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341027?format=api", "vulnerability_id": "VCID-es5w-n25j-nqhg", "summary": "TYPO3 Cross-Site Scripting in Online Media Asset Rendering", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/20927adfb8aae0093508c904937e40114b92a90c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/20927adfb8aae0093508c904937e40114b92a90c" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/a32a9a746f807b14571139f0cb7caa00b8d037a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/a32a9a746f807b14571139f0cb7caa00b8d037a5" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/c9174937802581bfecfaa788512a4f6e5cf8e9c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/c9174937802581bfecfaa788512a4f6e5cf8e9c7" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006" }, { "reference_url": "https://github.com/advisories/GHSA-8m6j-p5jv-v69w", "reference_id": "GHSA-8m6j-p5jv-v69w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8m6j-p5jv-v69w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-8m6j-p5jv-v69w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-es5w-n25j-nqhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341030?format=api", "vulnerability_id": "VCID-evcy-2c82-nbbk", "summary": "TYPO3 Security Misconfiguration in Install Tool Cookie", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-4.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/13328b0f74ac589a20b021db814dfa672581c26a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/13328b0f74ac589a20b021db814dfa672581c26a" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/918e50e4d20d88c7e40ad3bb134267d07706b0b1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/918e50e4d20d88c7e40ad3bb134267d07706b0b1" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/a5359491e3fb3164a6ba96a66c8e67fbb9971a4c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/a5359491e3fb3164a6ba96a66c8e67fbb9971a4c" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009" }, { "reference_url": "https://github.com/advisories/GHSA-f777-f784-36gm", "reference_id": "GHSA-f777-f784-36gm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f777-f784-36gm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-f777-f784-36gm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evcy-2c82-nbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13739?format=api", "vulnerability_id": "VCID-eyxt-9p91-vfdf", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GMS-2019-189" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyxt-9p91-vfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13148?format=api", "vulnerability_id": "VCID-f7mj-c3hb-gbaa", "summary": "Cross-site Scripting\nCross-Site Scripting in Frontend User Login.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-99" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7mj-c3hb-gbaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201118?format=api", "vulnerability_id": "VCID-f8x4-nz64-3ya8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51909", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36105" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/f0fc9c4cd7c38207c30dd158de53ee5d9d6f41a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/f0fc9c4cd7c38207c30dd158de53ee5d9d6f41a2" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-007" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36105", "reference_id": "CVE-2022-36105", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36105" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36105.yaml", "reference_id": "CVE-2022-36105.YAML", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36105.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36105.yaml", "reference_id": "CVE-2022-36105.YAML", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36105.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m392-235j-9r7r", "reference_id": "GHSA-m392-235j-9r7r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m392-235j-9r7r" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r", "reference_id": "GHSA-m392-235j-9r7r", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:34Z/" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79123?format=api", "purl": "pkg:composer/typo3/cms@10.4.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-xexd-m212-p3aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/79121?format=api", "purl": "pkg:composer/typo3/cms@11.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-xexd-m212-p3aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.16" } ], "aliases": [ "CVE-2022-36105", "GHSA-m392-235j-9r7r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8x4-nz64-3ya8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13239?format=api", "vulnerability_id": "VCID-fh4y-fm7b-hqaj", "summary": "Information Disclosure of Installed Extensions.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-172" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fh4y-fm7b-hqaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13750?format=api", "vulnerability_id": "VCID-fhf6-ehe3-9fc9", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GMS-2019-188" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhf6-ehe3-9fc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142750?format=api", "vulnerability_id": "VCID-fm88-sv4z-qyak", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52048", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19850" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://review.typo3.org/q/%2522Resolves:+%252389452%2522+topic:security", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.typo3.org/q/%2522Resolves:+%252389452%2522+topic:security" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-025", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-025" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-025/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-025/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19850", "reference_id": "CVE-2019-19850", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19850" }, { "reference_url": "https://github.com/advisories/GHSA-59pj-7mjh-4465", "reference_id": "GHSA-59pj-7mjh-4465", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-59pj-7mjh-4465" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/213888?format=api", "purl": "pkg:composer/typo3/cms@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2" } ], "aliases": [ "CVE-2019-19850", "GHSA-59pj-7mjh-4465" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm88-sv4z-qyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13847?format=api", "vulnerability_id": "VCID-fpg4-zerw-wba9", "summary": "Inclusion of Sensitive Information in Log Files\nTYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767", "reference_id": "CVE-2021-32767", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767" }, { "reference_url": "https://github.com/advisories/GHSA-34fr-fhqr-7235", "reference_id": "GHSA-34fr-fhqr-7235", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34fr-fhqr-7235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57446?format=api", "purl": "pkg:composer/typo3/cms@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57447?format=api", "purl": "pkg:composer/typo3/cms@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57448?format=api", "purl": "pkg:composer/typo3/cms@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ydx2-yevp-bubw" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1" } ], "aliases": [ "CVE-2021-32767", "GHSA-34fr-fhqr-7235" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpg4-zerw-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340987?format=api", "vulnerability_id": "VCID-fwrf-t4ey-f3br", "summary": "Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-07-12-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-07-12-2.yaml" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002" }, { "reference_url": "https://github.com/advisories/GHSA-ppgf-8745-8pgx", "reference_id": "GHSA-ppgf-8745-8pgx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ppgf-8745-8pgx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55079?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/55080?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GHSA-ppgf-8745-8pgx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwrf-t4ey-f3br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10966?format=api", "vulnerability_id": "VCID-fz4c-7jh3-rkcx", "summary": "Cross-site Scripting\nXSS in TYPO3 Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51762?format=api", "purl": "pkg:composer/typo3/cms@8.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0" } ], "aliases": [ "GMS-2016-155" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fz4c-7jh3-rkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341028?format=api", "vulnerability_id": "VCID-g1k2-f13f-skgf", "summary": "TYPO3 Cross-Site Scripting in Backend Modal Component", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/02cd5c97228cba477d16c68e28309ce25c433ce9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/02cd5c97228cba477d16c68e28309ce25c433ce9" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/89a38ad0ef9411745954f53f29bea5b8ce81cd32", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/89a38ad0ef9411745954f53f29bea5b8ce81cd32" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/c35646c3f7795a4a7b0046a88f146b490fa4883c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/c35646c3f7795a4a7b0046a88f146b490fa4883c" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007" }, { "reference_url": "https://github.com/advisories/GHSA-7q33-hxwj-7p8v", "reference_id": "GHSA-7q33-hxwj-7p8v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7q33-hxwj-7p8v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-7q33-hxwj-7p8v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1k2-f13f-skgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13258?format=api", "vulnerability_id": "VCID-g9kd-xhm7-fbbp", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid `ViewHelpers`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-175" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g9kd-xhm7-fbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11566?format=api", "vulnerability_id": "VCID-gfuj-61z7-q7gk", "summary": "Arbitrary Code Execution\nDue to a missing file extension in the `fileDenyPattern`, backend user are allowed to upload *.pht files which can be executed in certain web server setups.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "TYPO3-CORE-SA-2017-007" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfuj-61z7-q7gk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/138240?format=api", "vulnerability_id": "VCID-gfvt-nhw4-gyd6", "summary": "", "references": [ { "reference_url": "http://github.com/TYPO3/typo3/commit/647aa7afa582983cddc547fa106d31e2b1ef34fe", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://github.com/TYPO3/typo3/commit/647aa7afa582983cddc547fa106d31e2b1ef34fe" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01559", "scoring_system": "epss", "scoring_elements": "0.81775", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12747" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/cms/release-news/typo3-8-release-notes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/cms/release-news/typo3-8-release-notes" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12747", "reference_id": "CVE-2019-12747", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12747" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yaml", "reference_id": "CVE-2019-12747.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yaml", "reference_id": "CVE-2019-12747.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-86hp-xrhj-fhpq", "reference_id": "GHSA-86hp-xrhj-fhpq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-86hp-xrhj-fhpq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "CVE-2019-12747", "GHSA-86hp-xrhj-fhpq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfvt-nhw4-gyd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341018?format=api", "vulnerability_id": "VCID-gkv2-xedj-zufa", "summary": "TYPO3 Cross-Site Scripting in Filelist Module", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-3.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/044d7dbe28382919c765b6b815d420f480a1ac70", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/044d7dbe28382919c765b6b815d420f480a1ac70" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/96b122b756cc778697845d48210b0993c0724b5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/96b122b756cc778697845d48210b0993c0724b5f" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/fcc1bab07027ba9d8140a91006d3cda1244d6298", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/fcc1bab07027ba9d8140a91006d3cda1244d6298" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-023" }, { "reference_url": "https://github.com/advisories/GHSA-g7hw-jh4p-75wr", "reference_id": "GHSA-g7hw-jh4p-75wr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g7hw-jh4p-75wr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81692?format=api", "purl": "pkg:composer/typo3/cms@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1" } ], "aliases": [ "GHSA-g7hw-jh4p-75wr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkv2-xedj-zufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10974?format=api", "vulnerability_id": "VCID-gtna-7s78-9uaz", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nEnvironment Variable Injection.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-019" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-153" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtna-7s78-9uaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11021?format=api", "vulnerability_id": "VCID-hecf-jtp1-mygq", "summary": "Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51846?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-021" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hecf-jtp1-mygq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11297?format=api", "vulnerability_id": "VCID-hthh-re2d-fqf6", "summary": "XSS Vulnerability\nTYPO3 is vulnerable to Cross-Site Scripting.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "TYPO3-CORE-SA-2017-003" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hthh-re2d-fqf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13144?format=api", "vulnerability_id": "VCID-j2em-wgxm-b3af", "summary": "Security Misconfiguration in Install Tool Cookie.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-100" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2em-wgxm-b3af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13588?format=api", "vulnerability_id": "VCID-ja5a-zt3y-7ugp", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid Engine.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56968?format=api", "purl": "pkg:composer/typo3/cms@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56969?format=api", "purl": "pkg:composer/typo3/cms@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6" } ], "aliases": [ "GMS-2019-180" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ja5a-zt3y-7ugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170954?format=api", "vulnerability_id": "VCID-jb99-84e9-pudw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57440?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207165?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207160?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207163?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb99-84e9-pudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13749?format=api", "vulnerability_id": "VCID-jrkx-ccre-7fb6", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GMS-2019-185" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrkx-ccre-7fb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341019?format=api", "vulnerability_id": "VCID-khjn-rfqk-43ck", "summary": "TYPO3 Broken Access Control in Localization Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-3.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/5004201ee77a69cb825637bc95cdeedb1186f4d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/5004201ee77a69cb825637bc95cdeedb1186f4d4" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003" }, { "reference_url": "https://github.com/advisories/GHSA-772m-43f3-hmf8", "reference_id": "GHSA-772m-43f3-hmf8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-772m-43f3-hmf8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" } ], "aliases": [ "GHSA-772m-43f3-hmf8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khjn-rfqk-43ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10970?format=api", "vulnerability_id": "VCID-km4h-a6dz-wbd6", "summary": "Deserialization of Untrusted Data\nInsecure Unserialize in TYPO3 Import/Export.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-149" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-km4h-a6dz-wbd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13150?format=api", "vulnerability_id": "VCID-m9yu-1tca-vfec", "summary": "Cross-site Scripting\nCross-Site Scripting in Online Media Asset Rendering.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-97" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m9yu-1tca-vfec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340989?format=api", "vulnerability_id": "VCID-mna4-dcqb-j7ga", "summary": "Authentication Bypass in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-07-12-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-07-12-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001" }, { "reference_url": "https://github.com/advisories/GHSA-6f9m-v7mp-7jjq", "reference_id": "GHSA-6f9m-v7mp-7jjq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6f9m-v7mp-7jjq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55079?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/55080?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GHSA-6f9m-v7mp-7jjq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mna4-dcqb-j7ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341021?format=api", "vulnerability_id": "VCID-mrs5-ygvw-bufa", "summary": "TYPO3 Security Misconfiguration for Backend User Accounts", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/b3608d14e1915030cde272000a247cb6d5f982b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/b3608d14e1915030cde272000a247cb6d5f982b8" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/e4d0cff40a4f8f597e52c20fff529e206bb62703", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/e4d0cff40a4f8f597e52c20fff529e206bb62703" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002" }, { "reference_url": "https://github.com/advisories/GHSA-c5mj-39cf-3pp5", "reference_id": "GHSA-c5mj-39cf-3pp5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5mj-39cf-3pp5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GHSA-c5mj-39cf-3pp5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrs5-ygvw-bufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170938?format=api", "vulnerability_id": "VCID-n1ba-m68n-8khg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://github.com/advisories/GHSA-qx3w-4864-94ch", "reference_id": "GHSA-qx3w-4864-94ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3w-4864-94ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57440?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207165?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207160?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207163?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ba-m68n-8khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340990?format=api", "vulnerability_id": "VCID-n915-7b6y-6kap", "summary": "Authentication Bypass in TYPO3 Frontend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-02-28-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-02-28-1.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-mh3r-6cp5-hc2j", "reference_id": "GHSA-mh3r-6cp5-hc2j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mh3r-6cp5-hc2j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "GHSA-mh3r-6cp5-hc2j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n915-7b6y-6kap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13261?format=api", "vulnerability_id": "VCID-ny92-a3hq-z3es", "summary": "Security Misconfiguration for Backend User Accounts.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-173" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ny92-a3hq-z3es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13251?format=api", "vulnerability_id": "VCID-pt7n-4xyk-ayhd", "summary": "Improper Access Control\nBroken Access Control in Localization Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/54315?format=api", "purl": "pkg:composer/typo3/cms@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0" } ], "aliases": [ "GMS-2019-174" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pt7n-4xyk-ayhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13256?format=api", "vulnerability_id": "VCID-pu1y-mtu6-pugz", "summary": "Cross-site Scripting\nCross-Site Scripting in Bootstrap CSS toolkit.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GMS-2019-176" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pu1y-mtu6-pugz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340974?format=api", "vulnerability_id": "VCID-q7ee-6mq3-zfct", "summary": "Cross-Site Scripting in TYPO3 Backend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014" }, { "reference_url": "https://github.com/advisories/GHSA-86r8-4g3w-7xjp", "reference_id": "GHSA-86r8-4g3w-7xjp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-86r8-4g3w-7xjp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GHSA-86r8-4g3w-7xjp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7ee-6mq3-zfct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340988?format=api", "vulnerability_id": "VCID-q7t4-jc4j-23c6", "summary": "Information Disclosure in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-2.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-005" }, { "reference_url": "https://github.com/advisories/GHSA-g46h-v2cc-6c94", "reference_id": "GHSA-g46h-v2cc-6c94", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g46h-v2cc-6c94" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "GHSA-g46h-v2cc-6c94" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7t4-jc4j-23c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13138?format=api", "vulnerability_id": "VCID-qmbn-ma1j-4yc6", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Online Media Asset Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-102" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmbn-ma1j-4yc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340975?format=api", "vulnerability_id": "VCID-qnrq-2348-3kcs", "summary": "Insecure Unserialize in TYPO3 Import/Export", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-2.yaml" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-015", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-015" }, { "reference_url": "https://github.com/advisories/GHSA-xvcp-33rc-j8gq", "reference_id": "GHSA-xvcp-33rc-j8gq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xvcp-33rc-j8gq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GHSA-xvcp-33rc-j8gq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qnrq-2348-3kcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340986?format=api", "vulnerability_id": "VCID-qw9j-97uz-pycb", "summary": "Information Disclosure in TYPO3 CMS", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-3.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-006" }, { "reference_url": "https://github.com/advisories/GHSA-c7p6-3c9c-f88q", "reference_id": "GHSA-c7p6-3c9c-f88q", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c7p6-3c9c-f88q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "GHSA-c7p6-3c9c-f88q" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qw9j-97uz-pycb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12805?format=api", "vulnerability_id": "VCID-qxqn-abw1-3qfc", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nIn Bootstrap, XSS is possible in the data-target property of scrollspy.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07917", "scoring_system": "epss", "scoring_elements": "0.92163", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041" }, { "reference_url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/twbs/bootstrap", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26423", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26423" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26627" }, { "reference_url": "https://github.com/twbs/bootstrap/pull/26630", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/pull/26630" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616", "reference_id": "1601616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "reference_id": "CVE-2018-14041", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml", "reference_id": "CVE-2018-14041.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml" }, { "reference_url": "https://github.com/advisories/GHSA-pj7m-g53m-7638", "reference_id": "GHSA-pj7m-g53m-7638", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pj7m-g53m-7638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0552", "reference_id": "RHSA-2023:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0553", "reference_id": "RHSA-2023:0553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0554", "reference_id": "RHSA-2023:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0554" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0556", "reference_id": "RHSA-2023:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5693", "reference_id": "RHSA-2023:5693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5693" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "CVE-2018-14041", "GHSA-pj7m-g53m-7638" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqn-abw1-3qfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11570?format=api", "vulnerability_id": "VCID-qy73-z69h-4fd3", "summary": "Information Disclosure\nFailing to properly check user permission on file storages, editors could gain knowledge of protected storages and its folders as well as using them in a file collection being rendered in the frontend. A valid backend user account is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "TYPO3-CORE-SA-2017-005" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qy73-z69h-4fd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11061?format=api", "vulnerability_id": "VCID-r1j7-7y27-jfem", "summary": "Path Traversal in TYPO3 Core.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "GMS-2016-158" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1j7-7y27-jfem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11295?format=api", "vulnerability_id": "VCID-rpxc-vxrv-dkch", "summary": "Authentication Bypass\nDue to late TCA initialization the authentication service fails to restrict frontend user according to the validation rules. Therefore it is possible to authenticate restricted (e.g. disabled) frontend users.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52274?format=api", "purl": "pkg:composer/typo3/cms@8.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.6.1" } ], "aliases": [ "TYPO3-CORE-SA-2017-002" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpxc-vxrv-dkch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340980?format=api", "vulnerability_id": "VCID-s375-5jgx-hqf8", "summary": "Cross-Site Scripting (XSS) in TYPO3 Backend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-09-14-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-09-14-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-021", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-021" }, { "reference_url": "https://github.com/advisories/GHSA-hq37-rfjc-mr8h", "reference_id": "GHSA-hq37-rfjc-mr8h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hq37-rfjc-mr8h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51846?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "GHSA-hq37-rfjc-mr8h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s375-5jgx-hqf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142748?format=api", "vulnerability_id": "VCID-ssz6-xrjr-7kee", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59366", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19848" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml" }, { "reference_url": "https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19848", "reference_id": "CVE-2019-19848", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19848" }, { "reference_url": "https://github.com/advisories/GHSA-77p4-wfr8-977w", "reference_id": "GHSA-77p4-wfr8-977w", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-77p4-wfr8-977w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/213888?format=api", "purl": "pkg:composer/typo3/cms@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2" } ], "aliases": [ "CVE-2019-19848", "GHSA-77p4-wfr8-977w" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssz6-xrjr-7kee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341022?format=api", "vulnerability_id": "VCID-t7v7-e824-w7en", "summary": "TYPO3 Cross-Site Scripting in Form Framework", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-6.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/79528f75e23c2832db321f36d777c1427553f764", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/79528f75e23c2832db321f36d777c1427553f764" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/a0c4348188559596f292ea03983171bde29d9870", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/a0c4348188559596f292ea03983171bde29d9870" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007" }, { "reference_url": "https://github.com/advisories/GHSA-4h5c-5g25-v7fh", "reference_id": "GHSA-4h5c-5g25-v7fh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4h5c-5g25-v7fh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GHSA-4h5c-5g25-v7fh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7v7-e824-w7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11568?format=api", "vulnerability_id": "VCID-tf3d-k2cr-sfag", "summary": "Cross-site Scripting\nXSS in TYPO3 CMS Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53008?format=api", "purl": "pkg:composer/typo3/cms@8.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.0" } ], "aliases": [ "GMS-2017-350" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tf3d-k2cr-sfag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11239?format=api", "vulnerability_id": "VCID-tgu4-uvhn-eqcj", "summary": "Code Injection\nRemote Code Execution in third party library swiftmailer.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52132?format=api", "purl": "pkg:composer/typo3/cms@8.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.0" } ], "aliases": [ "GMS-2017-347" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tgu4-uvhn-eqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10975?format=api", "vulnerability_id": "VCID-tyhz-cfnv-juak", "summary": "Cross-site Scripting\nCross-Site Scripting vulnerability in typolinks.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-018" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-152" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhz-cfnv-juak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19521?format=api", "vulnerability_id": "VCID-uf1f-nfyv-ryfb", "summary": "Path Traversal in TYPO3 Core\nDue to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-11-22-2.yaml" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024" }, { "reference_url": "https://github.com/advisories/GHSA-gj48-w74w-8gvm", "reference_id": "GHSA-gj48-w74w-8gvm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gj48-w74w-8gvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "GHSA-gj48-w74w-8gvm", "GMS-2024-342" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uf1f-nfyv-ryfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11569?format=api", "vulnerability_id": "VCID-v6qh-m4y3-rfgc", "summary": "Code Injection\nArbitrary Code Execution in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53008?format=api", "purl": "pkg:composer/typo3/cms@8.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.0" } ], "aliases": [ "GMS-2017-353" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6qh-m4y3-rfgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12797?format=api", "vulnerability_id": "VCID-v7jx-ku4g-37hy", "summary": "Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55079?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/55080?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GMS-2018-94" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7jx-ku4g-37hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12266?format=api", "vulnerability_id": "VCID-vcs8-625u-wbg4", "summary": "Cross-site Scripting\nThe page module in TYPO3 is vulnerable to XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.8493", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6905" }, { "reference_url": "https://forge.typo3.org/issues/84191", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://forge.typo3.org/issues/84191" }, { "reference_url": "https://github.com/pradeepjairamani/TYPO3-XSS-POC", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pradeepjairamani/TYPO3-XSS-POC" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35" }, { "reference_url": "http://www.securitytracker.com/id/1040755", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1040755" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6905", "reference_id": "CVE-2018-6905", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54316?format=api", "purl": "pkg:composer/typo3/cms@8.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/54317?format=api", "purl": "pkg:composer/typo3/cms@9.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/118649?format=api", "purl": "pkg:composer/typo3/cms@9.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.2.0" } ], "aliases": [ "CVE-2018-6905", "GHSA-3w22-wrwx-2r75" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vcs8-625u-wbg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341023?format=api", "vulnerability_id": "VCID-vrux-m1s5-1ker", "summary": "TYPO3 Cross-Site Scripting in Form Framework validation handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/966a0038c16c04d484c1703fba9fdc13f3e7a95c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/966a0038c16c04d484c1703fba9fdc13f3e7a95c" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/9692bf83f8310cca17c9a968c4fe92ffe0deb59d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/9692bf83f8310cca17c9a968c4fe92ffe0deb59d" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/e971b012c837f1e64c1498b567ef6eec304febe5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/e971b012c837f1e64c1498b567ef6eec304febe5" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-021", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-021" }, { "reference_url": "https://github.com/advisories/GHSA-v8m4-3w37-ghxx", "reference_id": "GHSA-v8m4-3w37-ghxx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v8m4-3w37-ghxx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81692?format=api", "purl": "pkg:composer/typo3/cms@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1" } ], "aliases": [ "GHSA-v8m4-3w37-ghxx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrux-m1s5-1ker" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340995?format=api", "vulnerability_id": "VCID-w4g4-3n2d-r3fn", "summary": "Cross-Site Scripting in TYPO3 CMS Backend", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2017-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2017-004" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004" }, { "reference_url": "https://github.com/advisories/GHSA-v4qr-8h2v-qpjx", "reference_id": "GHSA-v4qr-8h2v-qpjx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v4qr-8h2v-qpjx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "GHSA-v4qr-8h2v-qpjx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w4g4-3n2d-r3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/197802?format=api", "vulnerability_id": "VCID-w8jm-kzbx-dqdk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60427", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31047" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/c93ea692e7dfef03b7c50fe5437487545bee4d6a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:05:23Z/" } ], "url": "https://github.com/TYPO3/typo3/commit/c93ea692e7dfef03b7c50fe5437487545bee4d6a" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2022-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:05:23Z/" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2022-002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31047", "reference_id": "CVE-2022-31047", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31047" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31047.yaml", "reference_id": "CVE-2022-31047.YAML", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-31047.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-fh99-4pgr-8j99", "reference_id": "GHSA-fh99-4pgr-8j99", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fh99-4pgr-8j99" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-fh99-4pgr-8j99", "reference_id": "GHSA-fh99-4pgr-8j99", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:05:23Z/" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-fh99-4pgr-8j99" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78291?format=api", "purl": "pkg:composer/typo3/cms@10.4.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/78294?format=api", "purl": "pkg:composer/typo3/cms@11.5.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-m6v1-7x64-fkdt" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.11" } ], "aliases": [ "CVE-2022-31047", "GHSA-fh99-4pgr-8j99" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8jm-kzbx-dqdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341016?format=api", "vulnerability_id": "VCID-wat9-f362-v3g7", "summary": "TYPO3 CMS Possible Insecure Deserialization in Extbase Request Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-12-17-7.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/57e4ed35a6e58521a931855e702b2688b3bc3d62", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/57e4ed35a6e58521a931855e702b2688b3bc3d62" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/b1626ad8fd4aebedc15e424a76f86094d78b2564", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/b1626ad8fd4aebedc15e424a76f86094d78b2564" }, { "reference_url": "https://typo3.org/security/advisory/typo3-psa-2019-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-psa-2019-011" }, { "reference_url": "https://github.com/advisories/GHSA-hh95-5xm5-v8v7", "reference_id": "GHSA-hh95-5xm5-v8v7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hh95-5xm5-v8v7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" } ], "aliases": [ "GHSA-hh95-5xm5-v8v7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wat9-f362-v3g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341017?format=api", "vulnerability_id": "VCID-wrn1-nrtv-y3fx", "summary": "TYPO3 Cross-Site Scripting in Fluid ViewHelpers", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-4.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/732c4acfaeaa7fd193674cd4d1ca7e369e21b96f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/732c4acfaeaa7fd193674cd4d1ca7e369e21b96f" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/c94f566514eaff62dd836541c99b438ac55f6842", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/c94f566514eaff62dd836541c99b438ac55f6842" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005" }, { "reference_url": "https://github.com/advisories/GHSA-85ch-44w7-rf32", "reference_id": "GHSA-85ch-44w7-rf32", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-85ch-44w7-rf32" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55433?format=api", "purl": "pkg:composer/typo3/cms@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55434?format=api", "purl": "pkg:composer/typo3/cms@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4" } ], "aliases": [ "GHSA-85ch-44w7-rf32" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wrn1-nrtv-y3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10971?format=api", "vulnerability_id": "VCID-xsgt-4xt2-ayfk", "summary": "Cross-site Scripting\nCross-Site Scripting in third party library `mso/idna-convert`.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-020" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-154" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsgt-4xt2-ayfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340999?format=api", "vulnerability_id": "VCID-xwgq-enpf-tqe1", "summary": "Typo3 Security Misconfiguration in Frontend Session Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-3.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018" }, { "reference_url": "https://github.com/advisories/GHSA-qr5f-6fcv-w69q", "reference_id": "GHSA-qr5f-6fcv-w69q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qr5f-6fcv-w69q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GHSA-qr5f-6fcv-w69q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwgq-enpf-tqe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11564?format=api", "vulnerability_id": "VCID-y5vr-zzjq-6ufk", "summary": "XSS Vulnerability\nFailing to properly encode user input, backend forms are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-004/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53006?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-khss-78tw-77gz" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nr1y-7a97-3yek" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r47q-qn2f-qkd9" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-st8g-tn8f-wyat" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "TYPO3-CORE-SA-2017-004" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5vr-zzjq-6ufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11062?format=api", "vulnerability_id": "VCID-z41h-wc69-ybdw", "summary": "Path Traversal\nDue to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-024" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:composer/typo3/cms@8.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.4.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-024" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z41h-wc69-ybdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10972?format=api", "vulnerability_id": "VCID-z4ph-ksn9-9ua2", "summary": "Information Disclosure in TYPO3 Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51778?format=api", "purl": "pkg:composer/typo3/cms@8.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1snp-vv9h-zycr" }, { "vulnerability": "VCID-1znq-61hf-6ybk" }, { "vulnerability": "VCID-2a62-91pm-nbgm" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ap1-cx3k-kyej" }, { "vulnerability": "VCID-5bc6-kka6-p3h4" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5vjr-mcn8-sbc2" }, { "vulnerability": "VCID-624d-jac1-9ba7" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-6urd-bx9f-ckbu" }, { "vulnerability": "VCID-6xu1-wd67-2fdn" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-7umb-pj4m-eqfb" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8b94-e1d2-ebam" }, { "vulnerability": "VCID-8xgz-x8v3-2kgx" }, { "vulnerability": "VCID-94ty-y1r7-pkcy" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aghr-ecp4-eqey" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-b9nw-c7ek-47f9" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-be91-38em-33f7" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-bu7f-ndjb-wqft" }, { "vulnerability": "VCID-bxgx-dwg9-4ygv" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d8xz-ft2x-abdb" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-dus4-tfjy-h3f4" }, { "vulnerability": "VCID-dxry-btsq-7qan" }, { "vulnerability": "VCID-erwv-fmcy-ryed" }, { "vulnerability": "VCID-es5w-n25j-nqhg" }, { "vulnerability": "VCID-evcy-2c82-nbbk" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f7mj-c3hb-gbaa" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-fwrf-t4ey-f3br" }, { "vulnerability": "VCID-g1k2-f13f-skgf" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfuj-61z7-q7gk" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hecf-jtp1-mygq" }, { "vulnerability": "VCID-hthh-re2d-fqf6" }, { "vulnerability": "VCID-j2em-wgxm-b3af" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-m9yu-1tca-vfec" }, { "vulnerability": "VCID-mna4-dcqb-j7ga" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-n915-7b6y-6kap" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-q7t4-jc4j-23c6" }, { "vulnerability": "VCID-qmbn-ma1j-4yc6" }, { "vulnerability": "VCID-qw9j-97uz-pycb" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-qy73-z69h-4fd3" }, { "vulnerability": "VCID-r1j7-7y27-jfem" }, { "vulnerability": "VCID-rpxc-vxrv-dkch" }, { "vulnerability": "VCID-s375-5jgx-hqf8" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tf3d-k2cr-sfag" }, { "vulnerability": "VCID-tgu4-uvhn-eqcj" }, { "vulnerability": "VCID-uf1f-nfyv-ryfb" }, { "vulnerability": "VCID-v6qh-m4y3-rfgc" }, { "vulnerability": "VCID-v7jx-ku4g-37hy" }, { "vulnerability": "VCID-vcs8-625u-wbg4" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w4g4-3n2d-r3fn" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-y5vr-zzjq-6ufk" }, { "vulnerability": "VCID-z41h-wc69-ybdw" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zue9-dmqm-nkgy" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1" } ], "aliases": [ "GMS-2016-151" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4ph-ksn9-9ua2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170967?format=api", "vulnerability_id": "VCID-z6y7-9ym5-g3fd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57440?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207165?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207160?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207163?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6y7-9ym5-g3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13581?format=api", "vulnerability_id": "VCID-zd8e-33zb-cubx", "summary": "Security Misconfiguration in User Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56968?format=api", "purl": "pkg:composer/typo3/cms@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56969?format=api", "purl": "pkg:composer/typo3/cms@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6" } ], "aliases": [ "GMS-2019-181" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zd8e-33zb-cubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142749?format=api", "vulnerability_id": "VCID-zptn-f2ua-wfa8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73365", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19849" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml" }, { "reference_url": "https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19849", "reference_id": "CVE-2019-19849", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19849" }, { "reference_url": "https://github.com/advisories/GHSA-rcgc-4xfc-564v", "reference_id": "GHSA-rcgc-4xfc-564v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rcgc-4xfc-564v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81691?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/81690?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81692?format=api", "purl": "pkg:composer/typo3/cms@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/213888?format=api", "purl": "pkg:composer/typo3/cms@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ns1x-vkjc-e3ev" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2" } ], "aliases": [ "CVE-2019-19849", "GHSA-rcgc-4xfc-564v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zptn-f2ua-wfa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13849?format=api", "vulnerability_id": "VCID-ztnv-bz8e-23fw", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669", "reference_id": "CVE-2021-32669", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669" }, { "reference_url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "GHSA-rgcg-28xm-8mmw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57446?format=api", "purl": "pkg:composer/typo3/cms@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57447?format=api", "purl": "pkg:composer/typo3/cms@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57448?format=api", "purl": "pkg:composer/typo3/cms@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-756q-b4wh-tydg" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-t188-2r58-xugq" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgn5-c432-zfb6" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xexd-m212-p3aa" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-ydx2-yevp-bubw" }, { "vulnerability": "VCID-ye5a-kty9-ukaz" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1" } ], "aliases": [ "CVE-2021-32669", "GHSA-rgcg-28xm-8mmw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztnv-bz8e-23fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341029?format=api", "vulnerability_id": "VCID-zue9-dmqm-nkgy", "summary": "TYPO3 Cross-Site Scripting in Frontend User Login", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2018-12-11-3.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/1c85fe70269e2ff8ecf0b6d5f16550c6cd0ddc78", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/1c85fe70269e2ff8ecf0b6d5f16550c6cd0ddc78" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/373bec5d7d415f0764ebbadc7970610dc26da068", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/373bec5d7d415f0764ebbadc7970610dc26da068" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/e4143195e1451630f058a58ab62d92135948a927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/e4143195e1451630f058a58ab62d92135948a927" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008" }, { "reference_url": "https://github.com/advisories/GHSA-2rcw-9hrm-8q7q", "reference_id": "GHSA-2rcw-9hrm-8q7q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2rcw-9hrm-8q7q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56072?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-khjn-rfqk-43ck" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pt7n-4xyk-ayhd" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/56073?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2dk9-nj1q-zbac" }, { "vulnerability": "VCID-3q83-a9fg-myfk" }, { "vulnerability": "VCID-4sva-74pj-6ke8" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5nbd-n22c-c3es" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6hc5-w52t-kkf3" }, { "vulnerability": "VCID-6qgs-yxdm-dfa5" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-79pg-wt38-skg8" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-9x28-fsv5-hqcc" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-b1xu-66dr-d3bf" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bjbm-8nvj-dyb1" }, { "vulnerability": "VCID-brr6-1t75-gbeu" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-de8m-ktdb-w3ht" }, { "vulnerability": "VCID-evjm-8a4r-8yg9" }, { "vulnerability": "VCID-eyxt-9p91-vfdf" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fh4y-fm7b-hqaj" }, { "vulnerability": "VCID-fhf6-ehe3-9fc9" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-g9kd-xhm7-fbbp" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-hgtr-b8rj-23ah" }, { "vulnerability": "VCID-j7kv-7qug-jbcc" }, { "vulnerability": "VCID-ja5a-zt3y-7ugp" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jrkx-ccre-7fb6" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-mrs5-ygvw-bufa" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ny92-a3hq-z3es" }, { "vulnerability": "VCID-pu1y-mtu6-pugz" }, { "vulnerability": "VCID-sdr9-c9yv-jfak" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-t6bx-uwej-xyed" }, { "vulnerability": "VCID-t7v7-e824-w7en" }, { "vulnerability": "VCID-tpxh-fdty-73cw" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-wrn1-nrtv-y3fx" }, { "vulnerability": "VCID-xwgq-enpf-tqe1" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zd8e-33zb-cubx" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zvpd-a1k6-suev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GHSA-2rcw-9hrm-8q7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zue9-dmqm-nkgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341000?format=api", "vulnerability_id": "VCID-zvpd-a1k6-suev", "summary": "Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend API", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-06-25-4.yaml" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019" }, { "reference_url": "https://github.com/advisories/GHSA-hww5-6x85-mc24", "reference_id": "GHSA-hww5-6x85-mc24", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hww5-6x85-mc24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57246?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57247?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6tzs-x8d1-ebe1" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-fm88-sv4z-qyak" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gkv2-xedj-zufa" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-ssz6-xrjr-7kee" }, { "vulnerability": "VCID-vrux-m1s5-1ker" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wat9-f362-v3g7" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zptn-f2ua-wfa8" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "GHSA-hww5-6x85-mc24" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvpd-a1k6-suev" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.0" }