Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/55442?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "8.7.23", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.29", "latest_non_vulnerable_version": "14.0.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13579?format=api", "vulnerability_id": "VCID-48hy-43gr-gfbf", "summary": "Security Misconfiguration in User Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-161" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48hy-43gr-gfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170937?format=api", "vulnerability_id": "VCID-55k8-c62g-4bex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "GHSA-4jhw-2p6j-5wmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55k8-c62g-4bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170955?format=api", "vulnerability_id": "VCID-7prr-a8eb-t3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7prr-a8eb-t3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13740?format=api", "vulnerability_id": "VCID-85q5-auec-67hf", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-169" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85q5-auec-67hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13907?format=api", "vulnerability_id": "VCID-88qn-j3zx-u3gm", "summary": "Cross-site Scripting\nTYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768", "reference_id": "CVE-2021-32768", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768" }, { "reference_url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "GHSA-c5c9-8c6m-727v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/206913?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.42", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/57628?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.29", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/57629?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/57630?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.2" } ], "aliases": [ "CVE-2021-32768", "GHSA-c5c9-8c6m-727v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88qn-j3zx-u3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13850?format=api", "vulnerability_id": "VCID-ax86-j7wt-r3eq", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58702", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668", "reference_id": "CVE-2021-32668", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668" }, { "reference_url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "GHSA-6mh3-j5r5-2379", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32668", "GHSA-6mh3-j5r5-2379" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax86-j7wt-r3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13746?format=api", "vulnerability_id": "VCID-d95b-sf2s-sba8", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d95b-sf2s-sba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13578?format=api", "vulnerability_id": "VCID-f7br-96rx-gqfh", "summary": "Code Injection\nPossible Arbitrary Code Execution in Image Processing.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-162" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7br-96rx-gqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13847?format=api", "vulnerability_id": "VCID-fpg4-zerw-wba9", "summary": "Inclusion of Sensitive Information in Log Files\nTYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767", "reference_id": "CVE-2021-32767", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767" }, { "reference_url": "https://github.com/advisories/GHSA-34fr-fhqr-7235", "reference_id": "GHSA-34fr-fhqr-7235", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34fr-fhqr-7235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32767", "GHSA-34fr-fhqr-7235" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpg4-zerw-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170954?format=api", "vulnerability_id": "VCID-jb99-84e9-pudw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb99-84e9-pudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159608?format=api", "vulnerability_id": "VCID-kjyy-y8q3-wkh7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58358", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" }, { "reference_url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "GHSA-vqqx-jw6p-q3rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202467?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.38", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.38" }, { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26227", "GHSA-vqqx-jw6p-q3rf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjyy-y8q3-wkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170938?format=api", "vulnerability_id": "VCID-n1ba-m68n-8khg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://github.com/advisories/GHSA-qx3w-4864-94ch", "reference_id": "GHSA-qx3w-4864-94ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3w-4864-94ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ba-m68n-8khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13587?format=api", "vulnerability_id": "VCID-nmk7-s3yq-dbb8", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid Engine.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-160" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmk7-s3yq-dbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13747?format=api", "vulnerability_id": "VCID-qdta-u8z4-e3g5", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-165" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdta-u8z4-e3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13752?format=api", "vulnerability_id": "VCID-th4c-z7hb-7yax", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-168" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-th4c-z7hb-7yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13742?format=api", "vulnerability_id": "VCID-v5kf-nvb3-77cc", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-167" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5kf-nvb3-77cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170967?format=api", "vulnerability_id": "VCID-z6y7-9ym5-g3fd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6y7-9ym5-g3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13849?format=api", "vulnerability_id": "VCID-ztnv-bz8e-23fw", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669", "reference_id": "CVE-2021-32669", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669" }, { "reference_url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "GHSA-rgcg-28xm-8mmw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32669", "GHSA-rgcg-28xm-8mmw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztnv-bz8e-23fw" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340928?format=api", "vulnerability_id": "VCID-2mu3-n9tg-a7dh", "summary": "TYPO3 Broken Access Control in Localization Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-3.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/64b1b5dc2f7cacb2ba39b74081f4179d6393b2bf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/64b1b5dc2f7cacb2ba39b74081f4179d6393b2bf" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003" }, { "reference_url": "https://github.com/advisories/GHSA-9rx9-7fmh-gj3g", "reference_id": "GHSA-9rx9-7fmh-gj3g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9rx9-7fmh-gj3g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" } ], "aliases": [ "GHSA-9rx9-7fmh-gj3g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2mu3-n9tg-a7dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340927?format=api", "vulnerability_id": "VCID-2thp-mucd-ukf9", "summary": "TYPO3 Cross-Site Scripting in Fluid ViewHelpers", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-4.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005" }, { "reference_url": "https://github.com/advisories/GHSA-22q7-cg4r-p9mx", "reference_id": "GHSA-22q7-cg4r-p9mx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-22q7-cg4r-p9mx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-22q7-cg4r-p9mx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2thp-mucd-ukf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13240?format=api", "vulnerability_id": "VCID-5kns-wat5-fbak", "summary": "Cross-site Scripting\nCross-Site Scripting in Bootstrap CSS toolkit.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-156" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kns-wat5-fbak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13252?format=api", "vulnerability_id": "VCID-8qm5-zhme-3faj", "summary": "Cross-site Scripting\nCross-Site Scripting in Form Framework.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-157" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qm5-zhme-3faj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13244?format=api", "vulnerability_id": "VCID-avxg-mdeb-nkc4", "summary": "Code Injection\nArbitrary Code Execution via File List Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-158" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avxg-mdeb-nkc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13248?format=api", "vulnerability_id": "VCID-gryz-ggj5-47ds", "summary": "Information Disclosure of Installed Extensions.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-152" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gryz-ggj5-47ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13253?format=api", "vulnerability_id": "VCID-jk1k-zbk4-27e4", "summary": "Security Misconfiguration for Backend User Accounts.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-153" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jk1k-zbk4-27e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340929?format=api", "vulnerability_id": "VCID-jmxj-f45s-xucg", "summary": "TYPO3 Arbitrary Code Execution via File List Module", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-7.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/45c311d120c359d54cc918e962c374e774239899", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/45c311d120c359d54cc918e962c374e774239899" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/5095084efae471c5fef7b578f2bc8a5060e1e148", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/5095084efae471c5fef7b578f2bc8a5060e1e148" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008" }, { "reference_url": "https://github.com/advisories/GHSA-f9hr-7cfq-mjg2", "reference_id": "GHSA-f9hr-7cfq-mjg2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f9hr-7cfq-mjg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-f9hr-7cfq-mjg2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmxj-f45s-xucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13259?format=api", "vulnerability_id": "VCID-ptgy-6j8n-zyf1", "summary": "Improper Access Control\nBroken Access Control in Localization Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-003/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55058?format=api", "purl": "pkg:composer/typo3/cms-core@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-1egd-187y-yuf2" }, { "vulnerability": "VCID-1fcd-s2kt-kqcw" }, { "vulnerability": "VCID-1jtz-qp8k-vfh7" }, { "vulnerability": "VCID-1vxk-v8q1-pbhc" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-293q-d5mc-g7a5" }, { "vulnerability": "VCID-2cct-3ft4-jbct" }, { "vulnerability": "VCID-2cha-web7-73f6" }, { "vulnerability": "VCID-2thp-mucd-ukf9" }, { "vulnerability": "VCID-2xhn-vx99-xufa" }, { "vulnerability": "VCID-467a-nzkb-ryde" }, { "vulnerability": "VCID-4855-zapx-5ucj" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-49a1-re6y-9ybm" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ffs-4kgc-kqdh" }, { "vulnerability": "VCID-5kns-wat5-fbak" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-6m63-f7fh-xufa" }, { "vulnerability": "VCID-6mmz-d8sb-53gc" }, { "vulnerability": "VCID-75cq-489a-ayej" }, { "vulnerability": "VCID-7bbm-nfjy-c3fx" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-8kx1-kjaz-rqad" }, { "vulnerability": "VCID-8qm5-zhme-3faj" }, { "vulnerability": "VCID-8zmv-x3kk-5bfc" }, { "vulnerability": "VCID-9zv7-vfdr-bkd8" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-avxg-mdeb-nkc4" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-bbx5-ycbt-xbea" }, { "vulnerability": "VCID-bwwk-hggs-t3cg" }, { "vulnerability": "VCID-cag3-ba8g-zfcn" }, { "vulnerability": "VCID-d64j-ghbq-7fbj" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-ddcd-gkgm-vqhb" }, { "vulnerability": "VCID-dfqh-9bpy-pyej" }, { "vulnerability": "VCID-dmuh-6usk-aycf" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-dqru-rt8a-kkgy" }, { "vulnerability": "VCID-dzet-nxyh-n3c7" }, { "vulnerability": "VCID-e3xt-zqx4-7fh4" }, { "vulnerability": "VCID-eumg-yx1k-9bg4" }, { "vulnerability": "VCID-exur-csyf-7beu" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-f8x4-nz64-3ya8" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fjmf-pf49-vbde" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-gfvt-nhw4-gyd6" }, { "vulnerability": "VCID-gjqt-tb6m-k7bc" }, { "vulnerability": "VCID-gryz-ggj5-47ds" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-jj8m-96su-jkek" }, { "vulnerability": "VCID-jk1k-zbk4-27e4" }, { "vulnerability": "VCID-jmxj-f45s-xucg" }, { "vulnerability": "VCID-jycm-wccp-2bb6" }, { "vulnerability": "VCID-jz81-2awx-t3ht" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-ks9n-gj6z-sqen" }, { "vulnerability": "VCID-kz49-jax3-27c4" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-m4h2-6sjx-n7b1" }, { "vulnerability": "VCID-m9sx-dufx-1ydc" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-nxrd-k1wx-jkcx" }, { "vulnerability": "VCID-p954-9jeg-puga" }, { "vulnerability": "VCID-p9ew-1hc8-vkb2" }, { "vulnerability": "VCID-q9gj-g25b-nudx" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-qxqn-abw1-3qfc" }, { "vulnerability": "VCID-r6bf-vmay-v3gs" }, { "vulnerability": "VCID-rjxw-3xrm-m3hr" }, { "vulnerability": "VCID-s92b-kvzk-2bbp" }, { "vulnerability": "VCID-ssa5-szvz-s3fn" }, { "vulnerability": "VCID-sxgs-77a6-7ybq" }, { "vulnerability": "VCID-t41x-8aba-7kfy" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-u3wa-hr9b-83ae" }, { "vulnerability": "VCID-ud41-asy6-s3hc" }, { "vulnerability": "VCID-uja7-atac-9kgx" }, { "vulnerability": "VCID-uzrt-kxy1-j7dv" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-v93n-bt5z-t7cg" }, { "vulnerability": "VCID-w8jm-kzbx-dqdk" }, { "vulnerability": "VCID-wgq8-jta9-akfy" }, { "vulnerability": "VCID-wwpy-gm6k-cbht" }, { "vulnerability": "VCID-wwwk-jwe2-tuhp" }, { "vulnerability": "VCID-x9vd-xgts-7qfr" }, { "vulnerability": "VCID-xmc4-45v5-gqbt" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-xymz-jy8w-zbdu" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-ypcs-2c8m-23e1" }, { "vulnerability": "VCID-yuhw-xqmw-g7gy" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-zckv-8cc7-tubf" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" }, { "vulnerability": "VCID-zw6s-4rhh-buct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.0.0" } ], "aliases": [ "GMS-2019-154" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptgy-6j8n-zyf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12805?format=api", "vulnerability_id": "VCID-qxqn-abw1-3qfc", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nIn Bootstrap, XSS is possible in the data-target property of scrollspy.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07917", "scoring_system": "epss", "scoring_elements": "0.92163", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041" }, { "reference_url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/twbs/bootstrap", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26423", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26423" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26627" }, { "reference_url": "https://github.com/twbs/bootstrap/pull/26630", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/pull/26630" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "reference_id": "CVE-2018-14041", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml", "reference_id": "CVE-2018-14041.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml" }, { "reference_url": "https://github.com/advisories/GHSA-pj7m-g53m-7638", "reference_id": "GHSA-pj7m-g53m-7638", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pj7m-g53m-7638" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "CVE-2018-14041", "GHSA-pj7m-g53m-7638" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqn-abw1-3qfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340926?format=api", "vulnerability_id": "VCID-rjxw-3xrm-m3hr", "summary": "TYPO3 Security Misconfiguration for Backend User Accounts", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-2.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/1e0c7a60be0f324e77cdbc2dadef46458e191d47", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/1e0c7a60be0f324e77cdbc2dadef46458e191d47" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/88c53ed5006c830d8da3c3a5f3c1b81839f1efb4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/88c53ed5006c830d8da3c3a5f3c1b81839f1efb4" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002" }, { "reference_url": "https://github.com/advisories/GHSA-rxc9-f2x6-qh4w", "reference_id": "GHSA-rxc9-f2x6-qh4w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rxc9-f2x6-qh4w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-rxc9-f2x6-qh4w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjxw-3xrm-m3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340931?format=api", "vulnerability_id": "VCID-s92b-kvzk-2bbp", "summary": "TYPO3 Cross-Site Scripting in Form Framework", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-6.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/3b8b8b4416b921df4ccc7c5b4a8e9a069562be35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/3b8b8b4416b921df4ccc7c5b4a8e9a069562be35" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/a0e917008320e24c26780ba385fbfe738fcd45b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/a0e917008320e24c26780ba385fbfe738fcd45b9" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007" }, { "reference_url": "https://github.com/advisories/GHSA-4459-qrcc-vfcf", "reference_id": "GHSA-4459-qrcc-vfcf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4459-qrcc-vfcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-4459-qrcc-vfcf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s92b-kvzk-2bbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340934?format=api", "vulnerability_id": "VCID-ssa5-szvz-s3fn", "summary": "TYPO3 Disclosure of Information about Installed Extensions", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-1.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/7960334bba1223a681283158f67a999334e88cf1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/7960334bba1223a681283158f67a999334e88cf1" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/9453d8a8763fffa76deb6a16f6b99c0ab6f3d8f1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/9453d8a8763fffa76deb6a16f6b99c0ab6f3d8f1" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001" }, { "reference_url": "https://github.com/advisories/GHSA-p2h4-7fp3-cmh8", "reference_id": "GHSA-p2h4-7fp3-cmh8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p2h4-7fp3-cmh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-p2h4-7fp3-cmh8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssa5-szvz-s3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13250?format=api", "vulnerability_id": "VCID-v93n-bt5z-t7cg", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid `ViewHelpers`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-155" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v93n-bt5z-t7cg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }