Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/56967?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "9.5.6", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.29", "latest_non_vulnerable_version": "14.0.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170957?format=api", "vulnerability_id": "VCID-1bhg-x7gu-kqcv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69477", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21359" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21359.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21359.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21359.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21359.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4p9g-qgx9-397p" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21359", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21359" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-005" }, { "reference_url": "https://github.com/advisories/GHSA-4p9g-qgx9-397p", "reference_id": "GHSA-4p9g-qgx9-397p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4p9g-qgx9-397p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21359", "GHSA-4p9g-qgx9-397p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bhg-x7gu-kqcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159609?format=api", "vulnerability_id": "VCID-28m8-296w-tych", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39013", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26228" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26228.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26228.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26228.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26228.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-954j-f27r-cj52" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26228", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26228" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-011" }, { "reference_url": "https://github.com/advisories/GHSA-954j-f27r-cj52", "reference_id": "GHSA-954j-f27r-cj52", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-954j-f27r-cj52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26228", "GHSA-954j-f27r-cj52" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-28m8-296w-tych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170937?format=api", "vulnerability_id": "VCID-55k8-c62g-4bex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "GHSA-4jhw-2p6j-5wmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55k8-c62g-4bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/155044?format=api", "vulnerability_id": "VCID-5xbb-syuc-qbdw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57067", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15241" }, { "reference_url": "https://github.com/TYPO3/Fluid", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid" }, { "reference_url": "https://github.com/TYPO3/Fluid/commit/9ef6a8ffff2e812025fc0701b4ce72eea6911a3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid/commit/9ef6a8ffff2e812025fc0701b4ce72eea6911a3d" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15241", "reference_id": "CVE-2020-15241", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15241" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-7733-hjv6-4h47", "reference_id": "GHSA-7733-hjv6-4h47", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7733-hjv6-4h47" }, { "reference_url": "https://github.com/TYPO3/Fluid/security/advisories/GHSA-7733-hjv6-4h47", "reference_id": "GHSA-7733-hjv6-4h47", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid/security/advisories/GHSA-7733-hjv6-4h47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/141209?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.7" } ], "aliases": [ "CVE-2020-15241", "GHSA-7733-hjv6-4h47" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xbb-syuc-qbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154945?format=api", "vulnerability_id": "VCID-5ynp-eb7a-qqf3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02358", "scoring_system": "epss", "scoring_elements": "0.85185", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15098" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/commit/85d3e70dff35a99ef53f4b561114acfa9e5c47e1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/commit/85d3e70dff35a99ef53f4b561114acfa9e5c47e1" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2016-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2016-013" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-008" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5091", "reference_id": "CVE-2016-5091", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5091" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15098", "reference_id": "CVE-2020-15098", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15098" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15098.yaml", "reference_id": "CVE-2020-15098.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15098.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15098.yaml", "reference_id": "CVE-2020-15098.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15098.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m5vr-3m74-jwxp", "reference_id": "GHSA-m5vr-3m74-jwxp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m5vr-3m74-jwxp" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-m5vr-3m74-jwxp", "reference_id": "GHSA-m5vr-3m74-jwxp", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-m5vr-3m74-jwxp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75117?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/75119?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.6" } ], "aliases": [ "CVE-2020-15098", "GHSA-m5vr-3m74-jwxp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ynp-eb7a-qqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170955?format=api", "vulnerability_id": "VCID-7prr-a8eb-t3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7prr-a8eb-t3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152182?format=api", "vulnerability_id": "VCID-83uf-75pf-rkdk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67446", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11066" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-004" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11066", "reference_id": "CVE-2020-11066", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11066" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11066.yaml", "reference_id": "CVE-2020-11066.YAML", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11066.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11066.yaml", "reference_id": "CVE-2020-11066.YAML", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11066.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-2rxh-h6h9-qrqc", "reference_id": "GHSA-2rxh-h6h9-qrqc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2rxh-h6h9-qrqc" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2rxh-h6h9-qrqc", "reference_id": "GHSA-2rxh-h6h9-qrqc", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2rxh-h6h9-qrqc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11066", "GHSA-2rxh-h6h9-qrqc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-83uf-75pf-rkdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13740?format=api", "vulnerability_id": "VCID-85q5-auec-67hf", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-169" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85q5-auec-67hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13907?format=api", "vulnerability_id": "VCID-88qn-j3zx-u3gm", "summary": "Cross-site Scripting\nTYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768", "reference_id": "CVE-2021-32768", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768" }, { "reference_url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "GHSA-c5c9-8c6m-727v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57628?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.29", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/57629?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/57630?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.2" } ], "aliases": [ "CVE-2021-32768", "GHSA-c5c9-8c6m-727v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88qn-j3zx-u3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152183?format=api", "vulnerability_id": "VCID-aj95-p9de-qff5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.79072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11067" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-005", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-005" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11067", "reference_id": "CVE-2020-11067", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11067" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11067.yaml", "reference_id": "CVE-2020-11067.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11067.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11067.yaml", "reference_id": "CVE-2020-11067.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11067.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-2wj9-434x-9hvp", "reference_id": "GHSA-2wj9-434x-9hvp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2wj9-434x-9hvp" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2wj9-434x-9hvp", "reference_id": "GHSA-2wj9-434x-9hvp", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2wj9-434x-9hvp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11067", "GHSA-2wj9-434x-9hvp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aj95-p9de-qff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152180?format=api", "vulnerability_id": "VCID-arur-ep6s-rqdy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42778", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11064" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11064", "reference_id": "CVE-2020-11064", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11064" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11064.yaml", "reference_id": "CVE-2020-11064.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11064.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11064.yaml", "reference_id": "CVE-2020-11064.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11064.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-43gj-mj2w-wh46", "reference_id": "GHSA-43gj-mj2w-wh46", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-43gj-mj2w-wh46" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-43gj-mj2w-wh46", "reference_id": "GHSA-43gj-mj2w-wh46", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-43gj-mj2w-wh46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11064", "GHSA-43gj-mj2w-wh46" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-arur-ep6s-rqdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13850?format=api", "vulnerability_id": "VCID-ax86-j7wt-r3eq", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58702", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668", "reference_id": "CVE-2021-32668", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668" }, { "reference_url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "GHSA-6mh3-j5r5-2379", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32668", "GHSA-6mh3-j5r5-2379" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax86-j7wt-r3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13746?format=api", "vulnerability_id": "VCID-d95b-sf2s-sba8", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d95b-sf2s-sba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13744?format=api", "vulnerability_id": "VCID-dmwm-8c1j-mbbp", "summary": "Improper Access Control\nBroken Access Control in Import Module.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-017/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-017/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-171" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmwm-8c1j-mbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13751?format=api", "vulnerability_id": "VCID-ffn5-gthd-mkea", "summary": "Deserialization of Untrusted Data\nPossible deserialization side-effects in `symfony/cache`.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-170" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffn5-gthd-mkea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13847?format=api", "vulnerability_id": "VCID-fpg4-zerw-wba9", "summary": "Inclusion of Sensitive Information in Log Files\nTYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767", "reference_id": "CVE-2021-32767", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767" }, { "reference_url": "https://github.com/advisories/GHSA-34fr-fhqr-7235", "reference_id": "GHSA-34fr-fhqr-7235", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34fr-fhqr-7235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32767", "GHSA-34fr-fhqr-7235" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpg4-zerw-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170954?format=api", "vulnerability_id": "VCID-jb99-84e9-pudw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb99-84e9-pudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159608?format=api", "vulnerability_id": "VCID-kjyy-y8q3-wkh7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58358", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" }, { "reference_url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "GHSA-vqqx-jw6p-q3rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26227", "GHSA-vqqx-jw6p-q3rf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjyy-y8q3-wkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13602?format=api", "vulnerability_id": "VCID-m1y3-csp4-aqe4", "summary": "Deserialization of Untrusted Data\nIn Symfony it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78513", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10912" }, { "reference_url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/symfony/symfony/commit/4fb975281634b8d49ebf013af9e502e67c28816b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42UEKSLKJB72P24JBWVN6AADHLMYSUQD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QEAOZXVNDA63537A2OIH4QE77EKZR5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAC2TQVEEH5FDJSSWPM2BCRIPTCOEMMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHHIG4GMSGEIDT3RITSW7GJ5NT6IBHXU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFARAUAWZE4UDSKVDWRD35D75HI5UGSD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDSM576XIOVXVCMHNJHLBBZBTOD62LDA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTJGZJLPG5FHKFH7KNAKNTWOGBB6LXAL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLOZX5BZMQKWG7PJRQL6MB5CAMKBQAWD/" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/21" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-016/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4441", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10912", "reference_id": "CVE-2019-10912", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10912" }, { "reference_url": "https://symfony.com/cve-2019-10912", "reference_id": "CVE-2019-10912", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://symfony.com/cve-2019-10912" }, { "reference_url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized", "reference_id": "CVE-2019-10912-PREVENT-DESTRUCTORS-WITH-SIDE-EFFECTS-FROM-BEING-UNSERIALIZED", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/cache/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/phpunit-bridge/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml", "reference_id": "CVE-2019-10912.YAML", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-10912.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-w2fr-65vp-mxw3", "reference_id": "GHSA-w2fr-65vp-mxw3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w2fr-65vp-mxw3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "CVE-2019-10912", "GHSA-w2fr-65vp-mxw3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y3-csp4-aqe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170938?format=api", "vulnerability_id": "VCID-n1ba-m68n-8khg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://github.com/advisories/GHSA-qx3w-4864-94ch", "reference_id": "GHSA-qx3w-4864-94ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3w-4864-94ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ba-m68n-8khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13747?format=api", "vulnerability_id": "VCID-qdta-u8z4-e3g5", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-165" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdta-u8z4-e3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13752?format=api", "vulnerability_id": "VCID-th4c-z7hb-7yax", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-168" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-th4c-z7hb-7yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13742?format=api", "vulnerability_id": "VCID-v5kf-nvb3-77cc", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-167" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5kf-nvb3-77cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/152185?format=api", "vulnerability_id": "VCID-xxxy-6j4a-7fbr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60891", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11069" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-006" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11069", "reference_id": "CVE-2020-11069", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11069" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11069.yaml", "reference_id": "CVE-2020-11069.YAML", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11069.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11069.yaml", "reference_id": "CVE-2020-11069.YAML", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11069.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-pqg8-crx9-g8m4", "reference_id": "GHSA-pqg8-crx9-g8m4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqg8-crx9-g8m4" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-pqg8-crx9-g8m4", "reference_id": "GHSA-pqg8-crx9-g8m4", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-pqg8-crx9-g8m4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74864?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/74863?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.2" } ], "aliases": [ "CVE-2020-11069", "GHSA-pqg8-crx9-g8m4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxxy-6j4a-7fbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13848?format=api", "vulnerability_id": "VCID-y5fe-53uv-2ycz", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (`_Web>View_`) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61935", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32667" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32667.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32667.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32667.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32667.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-8mq9-fqv8-59wf" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-8mq9-fqv8-59wf" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-009" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32667", "reference_id": "CVE-2021-32667", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32667" }, { "reference_url": "https://github.com/advisories/GHSA-8mq9-fqv8-59wf", "reference_id": "GHSA-8mq9-fqv8-59wf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mq9-fqv8-59wf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32667", "GHSA-8mq9-fqv8-59wf" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5fe-53uv-2ycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154946?format=api", "vulnerability_id": "VCID-ybm6-51vn-bybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79117", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15099" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-007" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15099", "reference_id": "CVE-2020-15099", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15099" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15099.yaml", "reference_id": "CVE-2020-15099.YAML", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15099.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15099.yaml", "reference_id": "CVE-2020-15099.YAML", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15099.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3x94-fv5h-5q2c", "reference_id": "GHSA-3x94-fv5h-5q2c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3x94-fv5h-5q2c" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3x94-fv5h-5q2c", "reference_id": "GHSA-3x94-fv5h-5q2c", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3x94-fv5h-5q2c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75117?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/75119?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-sz3j-ga7s-5uds" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.6" } ], "aliases": [ "CVE-2020-15099", "GHSA-3x94-fv5h-5q2c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybm6-51vn-bybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170967?format=api", "vulnerability_id": "VCID-z6y7-9ym5-g3fd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6y7-9ym5-g3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13849?format=api", "vulnerability_id": "VCID-ztnv-bz8e-23fw", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669", "reference_id": "CVE-2021-32669", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669" }, { "reference_url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "GHSA-rgcg-28xm-8mmw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32669", "GHSA-rgcg-28xm-8mmw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztnv-bz8e-23fw" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13579?format=api", "vulnerability_id": "VCID-48hy-43gr-gfbf", "summary": "Security Misconfiguration in User Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-161" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48hy-43gr-gfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/155044?format=api", "vulnerability_id": "VCID-5xbb-syuc-qbdw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57067", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15241" }, { "reference_url": "https://github.com/TYPO3/Fluid", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid" }, { "reference_url": "https://github.com/TYPO3/Fluid/commit/9ef6a8ffff2e812025fc0701b4ce72eea6911a3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid/commit/9ef6a8ffff2e812025fc0701b4ce72eea6911a3d" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15241", "reference_id": "CVE-2020-15241", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15241" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-15241.yaml", "reference_id": "CVE-2020-15241.YAML", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3fluid/fluid/CVE-2020-15241.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-7733-hjv6-4h47", "reference_id": "GHSA-7733-hjv6-4h47", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7733-hjv6-4h47" }, { "reference_url": "https://github.com/TYPO3/Fluid/security/advisories/GHSA-7733-hjv6-4h47", "reference_id": "GHSA-7733-hjv6-4h47", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/Fluid/security/advisories/GHSA-7733-hjv6-4h47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/141208?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/141209?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.7" } ], "aliases": [ "CVE-2020-15241", "GHSA-7733-hjv6-4h47" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xbb-syuc-qbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340935?format=api", "vulnerability_id": "VCID-8kx1-kjaz-rqad", "summary": "TYPO3 Information Disclosure in User Authentication", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-5.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-5.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/ac0565b7a539398a07adf21f04f85cd2574817d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/ac0565b7a539398a07adf21f04f85cd2574817d2" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010" }, { "reference_url": "https://github.com/advisories/GHSA-wj85-rg5g-v8jm", "reference_id": "GHSA-wj85-rg5g-v8jm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wj85-rg5g-v8jm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GHSA-wj85-rg5g-v8jm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kx1-kjaz-rqad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13585?format=api", "vulnerability_id": "VCID-ac2s-kzxq-wbgt", "summary": "Information Disclosure in Page Tree.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-163" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ac2s-kzxq-wbgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13590?format=api", "vulnerability_id": "VCID-cag3-ba8g-zfcn", "summary": "Improper Input Validation\nTYPO3 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by `ImageMagick` or `GraphicsMagick`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.7599", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11832" }, { "reference_url": "https://github.com/github/advisory-database/pull/3530", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/github/advisory-database/pull/3530" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11832", "reference_id": "CVE-2019-11832", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11832" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml", "reference_id": "CVE-2019-11832.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml", "reference_id": "CVE-2019-11832.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3w4h-r27h-4r2w", "reference_id": "GHSA-3w4h-r27h-4r2w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3w4h-r27h-4r2w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "CVE-2019-11832", "GHSA-3w4h-r27h-4r2w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cag3-ba8g-zfcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13578?format=api", "vulnerability_id": "VCID-f7br-96rx-gqfh", "summary": "Code Injection\nPossible Arbitrary Code Execution in Image Processing.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-162" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7br-96rx-gqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340933?format=api", "vulnerability_id": "VCID-jycm-wccp-2bb6", "summary": "TYPO3 Information Disclosure in Page Tree", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-4.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-009" }, { "reference_url": "https://github.com/advisories/GHSA-wvvp-jwf5-qcpc", "reference_id": "GHSA-wvvp-jwf5-qcpc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wvvp-jwf5-qcpc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GHSA-wvvp-jwf5-qcpc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jycm-wccp-2bb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13587?format=api", "vulnerability_id": "VCID-nmk7-s3yq-dbb8", "summary": "Cross-site Scripting\nCross-Site Scripting in Fluid Engine.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-160" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmk7-s3yq-dbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340932?format=api", "vulnerability_id": "VCID-p954-9jeg-puga", "summary": "TYPO3 Security Misconfiguration in User Session Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-05-07-2.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/437bf78c0ef64a059c7feaa5164f6f028507b425", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/437bf78c0ef64a059c7feaa5164f6f028507b425" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/e21f0e5d29b68a7e64448762b3f86ac24d36627f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/e21f0e5d29b68a7e64448762b3f86ac24d36627f" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-011" }, { "reference_url": "https://github.com/advisories/GHSA-xmgr-jff3-fcfv", "reference_id": "GHSA-xmgr-jff3-fcfv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmgr-jff3-fcfv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56966?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GHSA-xmgr-jff3-fcfv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p954-9jeg-puga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13586?format=api", "vulnerability_id": "VCID-ts6g-nh23-d3gf", "summary": "Information Disclosure in User Authentication.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-010/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56967?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5xbb-syuc-qbdw" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-85q5-auec-67hf" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-d95b-sf2s-sba8" }, { "vulnerability": "VCID-dmwm-8c1j-mbbp" }, { "vulnerability": "VCID-ffn5-gthd-mkea" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-m1y3-csp4-aqe4" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-qdta-u8z4-e3g5" }, { "vulnerability": "VCID-th4c-z7hb-7yax" }, { "vulnerability": "VCID-v5kf-nvb3-77cc" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" } ], "aliases": [ "GMS-2019-164" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ts6g-nh23-d3gf" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.6" }