Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/55443?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "9.5.4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.29", "latest_non_vulnerable_version": "14.0.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170957?format=api", "vulnerability_id": "VCID-1bhg-x7gu-kqcv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69477", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21359" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21359.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21359.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21359.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21359.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21359", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21359" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-005" }, { "reference_url": "https://github.com/advisories/GHSA-4p9g-qgx9-397p", "reference_id": "GHSA-4p9g-qgx9-397p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4p9g-qgx9-397p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21359", "GHSA-4p9g-qgx9-397p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bhg-x7gu-kqcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159609?format=api", "vulnerability_id": "VCID-28m8-296w-tych", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39013", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26228" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26228.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26228.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26228.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26228.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26228", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26228" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-011" }, { "reference_url": "https://github.com/advisories/GHSA-954j-f27r-cj52", "reference_id": "GHSA-954j-f27r-cj52", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-954j-f27r-cj52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26228", "GHSA-954j-f27r-cj52" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-28m8-296w-tych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13579?format=api", "vulnerability_id": "VCID-48hy-43gr-gfbf", "summary": "Security Misconfiguration in User Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-161" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48hy-43gr-gfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170937?format=api", "vulnerability_id": "VCID-55k8-c62g-4bex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "GHSA-4jhw-2p6j-5wmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55k8-c62g-4bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154945?format=api", "vulnerability_id": "VCID-5ynp-eb7a-qqf3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02358", "scoring_system": "epss", "scoring_elements": "0.85185", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15098" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/commit/85d3e70dff35a99ef53f4b561114acfa9e5c47e1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/commit/85d3e70dff35a99ef53f4b561114acfa9e5c47e1" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-013" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-008" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5091", "reference_id": "CVE-2016-5091", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5091" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15098", "reference_id": "CVE-2020-15098", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15098" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15098.yaml", "reference_id": "CVE-2020-15098.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15098.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15098.yaml", "reference_id": "CVE-2020-15098.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15098.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m5vr-3m74-jwxp", "reference_id": "GHSA-m5vr-3m74-jwxp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m5vr-3m74-jwxp" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-m5vr-3m74-jwxp", "reference_id": "GHSA-m5vr-3m74-jwxp", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-m5vr-3m74-jwxp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75117?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/75119?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.6" } ], "aliases": [ "CVE-2020-15098", "GHSA-m5vr-3m74-jwxp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ynp-eb7a-qqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170955?format=api", "vulnerability_id": "VCID-7prr-a8eb-t3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7prr-a8eb-t3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152182?format=api", "vulnerability_id": "VCID-83uf-75pf-rkdk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67446", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11066" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-004" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11066", "reference_id": "CVE-2020-11066", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11066" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11066.yaml", "reference_id": "CVE-2020-11066.YAML", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11066.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11066.yaml", "reference_id": "CVE-2020-11066.YAML", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11066.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-2rxh-h6h9-qrqc", "reference_id": "GHSA-2rxh-h6h9-qrqc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2rxh-h6h9-qrqc" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2rxh-h6h9-qrqc", "reference_id": "GHSA-2rxh-h6h9-qrqc", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2rxh-h6h9-qrqc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11066", "GHSA-2rxh-h6h9-qrqc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-83uf-75pf-rkdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13740?format=api", "vulnerability_id": "VCID-85q5-auec-67hf", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-169" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85q5-auec-67hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13907?format=api", "vulnerability_id": "VCID-88qn-j3zx-u3gm", "summary": "Cross-site Scripting\nTYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768", "reference_id": "CVE-2021-32768", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768" }, { "reference_url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "GHSA-c5c9-8c6m-727v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57628?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.29", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/57629?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/57630?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.2" } ], "aliases": [ "CVE-2021-32768", "GHSA-c5c9-8c6m-727v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88qn-j3zx-u3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13585?format=api", "vulnerability_id": "VCID-ac2s-kzxq-wbgt", "summary": "Information Disclosure in Page Tree.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-163" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ac2s-kzxq-wbgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152183?format=api", "vulnerability_id": "VCID-aj95-p9de-qff5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.79072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11067" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-005" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11067", "reference_id": "CVE-2020-11067", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11067" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11067.yaml", "reference_id": "CVE-2020-11067.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11067.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11067.yaml", "reference_id": "CVE-2020-11067.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11067.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-2wj9-434x-9hvp", "reference_id": "GHSA-2wj9-434x-9hvp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2wj9-434x-9hvp" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2wj9-434x-9hvp", "reference_id": "GHSA-2wj9-434x-9hvp", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2wj9-434x-9hvp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11067", "GHSA-2wj9-434x-9hvp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aj95-p9de-qff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152180?format=api", "vulnerability_id": "VCID-arur-ep6s-rqdy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42778", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11064" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11064", "reference_id": "CVE-2020-11064", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11064" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11064.yaml", "reference_id": "CVE-2020-11064.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11064.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11064.yaml", "reference_id": "CVE-2020-11064.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11064.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-43gj-mj2w-wh46", "reference_id": "GHSA-43gj-mj2w-wh46", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-43gj-mj2w-wh46" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-43gj-mj2w-wh46", "reference_id": "GHSA-43gj-mj2w-wh46", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-43gj-mj2w-wh46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11064", "GHSA-43gj-mj2w-wh46" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-arur-ep6s-rqdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13850?format=api", "vulnerability_id": "VCID-ax86-j7wt-r3eq", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58702", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668", "reference_id": "CVE-2021-32668", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668" }, { "reference_url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "GHSA-6mh3-j5r5-2379", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32668", "GHSA-6mh3-j5r5-2379" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax86-j7wt-r3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13746?format=api", "vulnerability_id": "VCID-d95b-sf2s-sba8", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d95b-sf2s-sba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13744?format=api", "vulnerability_id": "VCID-dmwm-8c1j-mbbp", "summary": "Improper Access Control\nBroken Access Control in Import Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-017/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-017/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-171" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmwm-8c1j-mbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13578?format=api", "vulnerability_id": "VCID-f7br-96rx-gqfh", "summary": "Code Injection\nPossible Arbitrary Code Execution in Image Processing.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-162" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7br-96rx-gqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13751?format=api", "vulnerability_id": "VCID-ffn5-gthd-mkea", "summary": "Deserialization of Untrusted Data\nPossible deserialization side-effects in `symfony/cache`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-170" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffn5-gthd-mkea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13847?format=api", "vulnerability_id": "VCID-fpg4-zerw-wba9", "summary": "Inclusion of Sensitive Information in Log Files\nTYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767", "reference_id": "CVE-2021-32767", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767" }, { "reference_url": "https://github.com/advisories/GHSA-34fr-fhqr-7235", "reference_id": "GHSA-34fr-fhqr-7235", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34fr-fhqr-7235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32767", "GHSA-34fr-fhqr-7235" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpg4-zerw-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170954?format=api", "vulnerability_id": "VCID-jb99-84e9-pudw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb99-84e9-pudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159608?format=api", "vulnerability_id": "VCID-kjyy-y8q3-wkh7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58358", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" }, { "reference_url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "GHSA-vqqx-jw6p-q3rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26227", "GHSA-vqqx-jw6p-q3rf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjyy-y8q3-wkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13602?format=api", "vulnerability_id": "VCID-m1y3-csp4-aqe4", "summary": "Deserialization of Untrusted Data\nIn Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10912" }, { "reference_url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/21" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4441", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10912", "reference_id": "CVE-2019-10912", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10912" }, { "reference_url": "https://symfony.com/cve-2019-10912", "reference_id": "CVE-2019-10912", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://symfony.com/cve-2019-10912" }, { "reference_url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized", "reference_id": "CVE-2019-10912-PREVENT-DESTRUCTORS-WITH-SIDE-EFFECTS-FROM-BEING-UNSERIALIZED", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-w2fr-65vp-mxw3", "reference_id": "GHSA-w2fr-65vp-mxw3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w2fr-65vp-mxw3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "CVE-2019-10912", "GHSA-w2fr-65vp-mxw3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y3-csp4-aqe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170938?format=api", "vulnerability_id": "VCID-n1ba-m68n-8khg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://github.com/advisories/GHSA-qx3w-4864-94ch", "reference_id": "GHSA-qx3w-4864-94ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3w-4864-94ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ba-m68n-8khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13587?format=api", "vulnerability_id": "VCID-nmk7-s3yq-dbb8", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid Engine.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-160" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmk7-s3yq-dbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13747?format=api", "vulnerability_id": "VCID-qdta-u8z4-e3g5", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-165" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdta-u8z4-e3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13752?format=api", "vulnerability_id": "VCID-th4c-z7hb-7yax", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-168" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-th4c-z7hb-7yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13586?format=api", "vulnerability_id": "VCID-ts6g-nh23-d3gf", "summary": "Information Disclosure in User Authentication.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-164" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ts6g-nh23-d3gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13742?format=api", "vulnerability_id": "VCID-v5kf-nvb3-77cc", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-167" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5kf-nvb3-77cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152185?format=api", "vulnerability_id": "VCID-xxxy-6j4a-7fbr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60891", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11069" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-006" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11069", "reference_id": "CVE-2020-11069", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11069" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11069.yaml", "reference_id": "CVE-2020-11069.YAML", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11069.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11069.yaml", "reference_id": "CVE-2020-11069.YAML", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11069.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-pqg8-crx9-g8m4", "reference_id": "GHSA-pqg8-crx9-g8m4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqg8-crx9-g8m4" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-pqg8-crx9-g8m4", "reference_id": "GHSA-pqg8-crx9-g8m4", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-pqg8-crx9-g8m4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11069", "GHSA-pqg8-crx9-g8m4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxxy-6j4a-7fbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13848?format=api", "vulnerability_id": "VCID-y5fe-53uv-2ycz", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (`_Web>View_`) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61935", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32667" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32667.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32667.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32667.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32667.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mq9-fqv8-59wf" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-009" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32667", "reference_id": "CVE-2021-32667", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32667" }, { "reference_url": "https://github.com/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "GHSA-8mq9-fqv8-59wf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mq9-fqv8-59wf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32667", "GHSA-8mq9-fqv8-59wf" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5fe-53uv-2ycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154946?format=api", "vulnerability_id": "VCID-ybm6-51vn-bybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79117", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15099" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-007" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15099", "reference_id": "CVE-2020-15099", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15099" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15099.yaml", "reference_id": "CVE-2020-15099.YAML", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15099.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15099.yaml", "reference_id": "CVE-2020-15099.YAML", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15099.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3x94-fv5h-5q2c", "reference_id": "GHSA-3x94-fv5h-5q2c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3x94-fv5h-5q2c" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3x94-fv5h-5q2c", "reference_id": "GHSA-3x94-fv5h-5q2c", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3x94-fv5h-5q2c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75117?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/75119?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.6" } ], "aliases": [ "CVE-2020-15099", "GHSA-3x94-fv5h-5q2c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybm6-51vn-bybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170967?format=api", "vulnerability_id": "VCID-z6y7-9ym5-g3fd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6y7-9ym5-g3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13849?format=api", "vulnerability_id": "VCID-ztnv-bz8e-23fw", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669", "reference_id": "CVE-2021-32669", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669" }, { "reference_url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "GHSA-rgcg-28xm-8mmw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32669", "GHSA-rgcg-28xm-8mmw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztnv-bz8e-23fw" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340927?format=api", "vulnerability_id": "VCID-2thp-mucd-ukf9", "summary": "TYPO3 Cross-Site Scripting in Fluid ViewHelpers", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-4.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005" }, { "reference_url": "https://github.com/advisories/GHSA-22q7-cg4r-p9mx", "reference_id": "GHSA-22q7-cg4r-p9mx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-22q7-cg4r-p9mx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-22q7-cg4r-p9mx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2thp-mucd-ukf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13240?format=api", "vulnerability_id": "VCID-5kns-wat5-fbak", "summary": "Cross-site Scripting\nCross-Site Scripting in Bootstrap CSS toolkit.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-156" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kns-wat5-fbak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13252?format=api", "vulnerability_id": "VCID-8qm5-zhme-3faj", "summary": "Cross-site Scripting\nCross-Site Scripting in Form Framework.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-157" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qm5-zhme-3faj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13246?format=api", "vulnerability_id": "VCID-9zv7-vfdr-bkd8", "summary": "Cross-site Scripting\nCross-Site Scripting in Language Pack Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-004/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-159" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9zv7-vfdr-bkd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13244?format=api", "vulnerability_id": "VCID-avxg-mdeb-nkc4", "summary": "Code Injection\nArbitrary Code Execution via File List Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-158" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avxg-mdeb-nkc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340930?format=api", "vulnerability_id": "VCID-btdr-fh69-1fgv", "summary": "TYPO3 Cross-Site Scripting in Language Pack Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-8.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-8.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-004" }, { "reference_url": "https://github.com/advisories/GHSA-76r3-m635-p3vc", "reference_id": "GHSA-76r3-m635-p3vc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-76r3-m635-p3vc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-76r3-m635-p3vc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btdr-fh69-1fgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13248?format=api", "vulnerability_id": "VCID-gryz-ggj5-47ds", "summary": "Information Disclosure of Installed Extensions.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-152" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gryz-ggj5-47ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13253?format=api", "vulnerability_id": "VCID-jk1k-zbk4-27e4", "summary": "Security Misconfiguration for Backend User Accounts.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-153" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jk1k-zbk4-27e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340929?format=api", "vulnerability_id": "VCID-jmxj-f45s-xucg", "summary": "TYPO3 Arbitrary Code Execution via File List Module", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-7.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/45c311d120c359d54cc918e962c374e774239899", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/45c311d120c359d54cc918e962c374e774239899" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/5095084efae471c5fef7b578f2bc8a5060e1e148", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/5095084efae471c5fef7b578f2bc8a5060e1e148" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-008" }, { "reference_url": "https://github.com/advisories/GHSA-f9hr-7cfq-mjg2", "reference_id": "GHSA-f9hr-7cfq-mjg2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f9hr-7cfq-mjg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-f9hr-7cfq-mjg2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmxj-f45s-xucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12805?format=api", "vulnerability_id": "VCID-qxqn-abw1-3qfc", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nIn Bootstrap, XSS is possible in the data-target property of scrollspy.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html" }, { "reference_url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1456", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1456" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07917", "scoring_system": "epss", "scoring_elements": "0.92163", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14041" }, { "reference_url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/10" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/11" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/May/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/May/13" }, { "reference_url": "https://github.com/twbs/bootstrap", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26423", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26423" }, { "reference_url": "https://github.com/twbs/bootstrap/issues/26627", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/issues/26627" }, { "reference_url": "https://github.com/twbs/bootstrap/pull/26630", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/twbs/bootstrap/pull/26630" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/18" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-006" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041", "reference_id": "CVE-2018-14041", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml", "reference_id": "CVE-2018-14041.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml", "reference_id": "CVE-2018-14041.YML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml" }, { "reference_url": "https://github.com/advisories/GHSA-pj7m-g53m-7638", "reference_id": "GHSA-pj7m-g53m-7638", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pj7m-g53m-7638" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "CVE-2018-14041", "GHSA-pj7m-g53m-7638" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxqn-abw1-3qfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340926?format=api", "vulnerability_id": "VCID-rjxw-3xrm-m3hr", "summary": "TYPO3 Security Misconfiguration for Backend User Accounts", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-2.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/1e0c7a60be0f324e77cdbc2dadef46458e191d47", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/1e0c7a60be0f324e77cdbc2dadef46458e191d47" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/88c53ed5006c830d8da3c3a5f3c1b81839f1efb4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/88c53ed5006c830d8da3c3a5f3c1b81839f1efb4" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-002" }, { "reference_url": "https://github.com/advisories/GHSA-rxc9-f2x6-qh4w", "reference_id": "GHSA-rxc9-f2x6-qh4w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rxc9-f2x6-qh4w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-rxc9-f2x6-qh4w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjxw-3xrm-m3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340931?format=api", "vulnerability_id": "VCID-s92b-kvzk-2bbp", "summary": "TYPO3 Cross-Site Scripting in Form Framework", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-6.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/3b8b8b4416b921df4ccc7c5b4a8e9a069562be35", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/3b8b8b4416b921df4ccc7c5b4a8e9a069562be35" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/a0e917008320e24c26780ba385fbfe738fcd45b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/a0e917008320e24c26780ba385fbfe738fcd45b9" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-007" }, { "reference_url": "https://github.com/advisories/GHSA-4459-qrcc-vfcf", "reference_id": "GHSA-4459-qrcc-vfcf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4459-qrcc-vfcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-4459-qrcc-vfcf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s92b-kvzk-2bbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340934?format=api", "vulnerability_id": "VCID-ssa5-szvz-s3fn", "summary": "TYPO3 Disclosure of Information about Installed Extensions", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-01-22-1.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/7960334bba1223a681283158f67a999334e88cf1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/7960334bba1223a681283158f67a999334e88cf1" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/9453d8a8763fffa76deb6a16f6b99c0ab6f3d8f1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/9453d8a8763fffa76deb6a16f6b99c0ab6f3d8f1" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-001" }, { "reference_url": "https://github.com/advisories/GHSA-p2h4-7fp3-cmh8", "reference_id": "GHSA-p2h4-7fp3-cmh8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p2h4-7fp3-cmh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GHSA-p2h4-7fp3-cmh8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssa5-szvz-s3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13250?format=api", "vulnerability_id": "VCID-v93n-bt5z-t7cg", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid `ViewHelpers`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55442?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/55443?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-48hy-43gr-gfbf" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ac2s-kzxq-wbgt" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-f7br-96rx-gqfh" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-nmk7-s3yq-dbb8" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-ts6g-nh23-d3gf" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" } ], "aliases": [ "GMS-2019-155" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v93n-bt5z-t7cg" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.4" }