Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/57248?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "type": "composer", "namespace": "typo3", "name": "cms-core", "version": "8.7.27", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.29", "latest_non_vulnerable_version": "14.0.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170937?format=api", "vulnerability_id": "VCID-55k8-c62g-4bex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "GHSA-4jhw-2p6j-5wmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jhw-2p6j-5wmp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55k8-c62g-4bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170955?format=api", "vulnerability_id": "VCID-7prr-a8eb-t3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78559", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21357" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21357" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-003" }, { "reference_url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f", "reference_id": "GHSA-3vg7-jw9m-pc3f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vg7-jw9m-pc3f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21357", "GHSA-3vg7-jw9m-pc3f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7prr-a8eb-t3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13907?format=api", "vulnerability_id": "VCID-88qn-j3zx-u3gm", "summary": "Cross-site Scripting\nTYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32768" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768", "reference_id": "CVE-2021-32768", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32768" }, { "reference_url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v", "reference_id": "GHSA-c5c9-8c6m-727v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c5c9-8c6m-727v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/206913?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.42", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/57628?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.29", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/57629?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/57630?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.2" } ], "aliases": [ "CVE-2021-32768", "GHSA-c5c9-8c6m-727v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88qn-j3zx-u3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13850?format=api", "vulnerability_id": "VCID-ax86-j7wt-r3eq", "summary": "Cross-site Scripting\nTYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58702", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32668" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668", "reference_id": "CVE-2021-32668", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32668" }, { "reference_url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379", "reference_id": "GHSA-6mh3-j5r5-2379", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mh3-j5r5-2379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32668", "GHSA-6mh3-j5r5-2379" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax86-j7wt-r3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13847?format=api", "vulnerability_id": "VCID-fpg4-zerw-wba9", "summary": "Inclusion of Sensitive Information in Log Files\nTYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32767" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c" }, { "reference_url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-013" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767", "reference_id": "CVE-2021-32767", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32767" }, { "reference_url": "https://github.com/advisories/GHSA-34fr-fhqr-7235", "reference_id": "GHSA-34fr-fhqr-7235", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34fr-fhqr-7235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32767", "GHSA-34fr-fhqr-7235" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpg4-zerw-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170954?format=api", "vulnerability_id": "VCID-jb99-84e9-pudw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21355" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21355" }, { "reference_url": "https://packagist.org/packages/typo3/cms-form", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-form" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-002" }, { "reference_url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2", "reference_id": "GHSA-2r6j-862c-m2v2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r6j-862c-m2v2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21355", "GHSA-2r6j-862c-m2v2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb99-84e9-pudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/159608?format=api", "vulnerability_id": "VCID-kjyy-y8q3-wkh7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58358", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26227" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26227" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2020-010" }, { "reference_url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf", "reference_id": "GHSA-vqqx-jw6p-q3rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vqqx-jw6p-q3rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/202467?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.38", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.38" }, { "url": "http://public2.vulnerablecode.io/api/packages/202461?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/202464?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-f76u-1aa2-vqd2" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-k71e-3tc1-37d3" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.10" } ], "aliases": [ "CVE-2020-26227", "GHSA-vqqx-jw6p-q3rf" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjyy-y8q3-wkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170938?format=api", "vulnerability_id": "VCID-n1ba-m68n-8khg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://github.com/advisories/GHSA-qx3w-4864-94ch", "reference_id": "GHSA-qx3w-4864-94ch", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx3w-4864-94ch" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ba-m68n-8khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170967?format=api", "vulnerability_id": "VCID-z6y7-9ym5-g3fd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57459?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/207155?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/207149?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/207153?format=api", "purl": "pkg:composer/typo3/cms-core@11.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6y7-9ym5-g3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13849?format=api", "vulnerability_id": "VCID-ztnv-bz8e-23fw", "summary": "Cross-site Scripting\nTYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59357", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32669" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-011" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669", "reference_id": "CVE-2021-32669", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32669" }, { "reference_url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw", "reference_id": "GHSA-rgcg-28xm-8mmw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rgcg-28xm-8mmw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57627?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/57460?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/57454?format=api", "purl": "pkg:composer/typo3/cms-core@10.4.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88qn-j3zx-u3gm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@10.4.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/57455?format=api", "purl": "pkg:composer/typo3/cms-core@11.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4g3j-h5uj-2yfp" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ydx2-yevp-bubw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@11.3.1" } ], "aliases": [ "CVE-2021-32669", "GHSA-rgcg-28xm-8mmw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztnv-bz8e-23fw" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13740?format=api", "vulnerability_id": "VCID-85q5-auec-67hf", "summary": "Insecure Deserialization in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-169" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85q5-auec-67hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13746?format=api", "vulnerability_id": "VCID-d95b-sf2s-sba8", "summary": "Cross-site Scripting\nCross-Site Scripting in Link Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d95b-sf2s-sba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340939?format=api", "vulnerability_id": "VCID-e3xt-zqx4-7fh4", "summary": "TYPO3 Arbitrary Code Execution and Cross-Site Scripting in Backend API", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-4.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-4.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/3a99a0877de6ad9cb39ba73146292b90e13294db", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/3a99a0877de6ad9cb39ba73146292b90e13294db" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/822e62ec267fbe3c70a26f1c4f73f47fc615c930", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/822e62ec267fbe3c70a26f1c4f73f47fc615c930" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019" }, { "reference_url": "https://github.com/advisories/GHSA-x428-565f-8xj2", "reference_id": "GHSA-x428-565f-8xj2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x428-565f-8xj2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GHSA-x428-565f-8xj2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3xt-zqx4-7fh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13780?format=api", "vulnerability_id": "VCID-fjmf-pf49-vbde", "summary": "Cross-site Scripting\nTYPO3 allows XSS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53688", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12748" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/cms/release-news/typo3-8-release-notes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/cms/release-news/typo3-8-release-notes" }, { "reference_url": "https://typo3.org/cms/release-news/typo3-8-release-notes/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/cms/release-news/typo3-8-release-notes/" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-015/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12748", "reference_id": "CVE-2019-12748", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12748" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12748.yaml", "reference_id": "CVE-2019-12748.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12748.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12748.yaml", "reference_id": "CVE-2019-12748.YAML", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12748.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-r6fv-56gp-j3r4", "reference_id": "GHSA-r6fv-56gp-j3r4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r6fv-56gp-j3r4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "CVE-2019-12748", "GHSA-r6fv-56gp-j3r4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fjmf-pf49-vbde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/138240?format=api", "vulnerability_id": "VCID-gfvt-nhw4-gyd6", "summary": "", "references": [ { "reference_url": "http://github.com/TYPO3/typo3/commit/647aa7afa582983cddc547fa106d31e2b1ef34fe", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://github.com/TYPO3/typo3/commit/647aa7afa582983cddc547fa106d31e2b1ef34fe" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01559", "scoring_system": "epss", "scoring_elements": "0.81775", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12747" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/cms/release-news/typo3-8-release-notes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/cms/release-news/typo3-8-release-notes" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-020" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12747", "reference_id": "CVE-2019-12747", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12747" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yaml", "reference_id": "CVE-2019-12747.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yaml", "reference_id": "CVE-2019-12747.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-86hp-xrhj-fhpq", "reference_id": "GHSA-86hp-xrhj-fhpq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-86hp-xrhj-fhpq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "CVE-2019-12747", "GHSA-86hp-xrhj-fhpq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfvt-nhw4-gyd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13747?format=api", "vulnerability_id": "VCID-qdta-u8z4-e3g5", "summary": "Information Disclosure in Backend User Interface.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-165" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdta-u8z4-e3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13752?format=api", "vulnerability_id": "VCID-th4c-z7hb-7yax", "summary": "Code Injection\nArbitrary Code Execution and Cross-Site Scripting in Backend API.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-019/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-168" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-th4c-z7hb-7yax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340937?format=api", "vulnerability_id": "VCID-u3wa-hr9b-83ae", "summary": "TYPO3 Security Misconfiguration in Frontend Session Handling", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-3.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-3.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/c8c08ca0c26db02753c243e175a8a045628341b6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/c8c08ca0c26db02753c243e175a8a045628341b6" }, { "reference_url": "https://github.com/TYPO3-CMS/core/commit/fe43834075ae283c8cd91949e9f1dfd18b2d492f", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core/commit/fe43834075ae283c8cd91949e9f1dfd18b2d492f" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018" }, { "reference_url": "https://github.com/advisories/GHSA-82vp-jr39-4j2j", "reference_id": "GHSA-82vp-jr39-4j2j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-82vp-jr39-4j2j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GHSA-82vp-jr39-4j2j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3wa-hr9b-83ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13742?format=api", "vulnerability_id": "VCID-v5kf-nvb3-77cc", "summary": "Security Misconfiguration in Frontend Session Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-018/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GMS-2019-167" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5kf-nvb3-77cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340936?format=api", "vulnerability_id": "VCID-ypcs-2c8m-23e1", "summary": "TYPO3 Information Disclosure in Backend User Interface", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/2019-06-25-1.yaml" }, { "reference_url": "https://github.com/TYPO3-CMS/core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3-CMS/core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-014" }, { "reference_url": "https://github.com/advisories/GHSA-rv8r-8mh5-5376", "reference_id": "GHSA-rv8r-8mh5-5376", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv8r-8mh5-5376" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57248?format=api", "purl": "pkg:composer/typo3/cms-core@8.7.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/57249?format=api", "purl": "pkg:composer/typo3/cms-core@9.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bhg-x7gu-kqcv" }, { "vulnerability": "VCID-28m8-296w-tych" }, { "vulnerability": "VCID-55k8-c62g-4bex" }, { "vulnerability": "VCID-5ynp-eb7a-qqf3" }, { "vulnerability": "VCID-7prr-a8eb-t3he" }, { "vulnerability": "VCID-83uf-75pf-rkdk" }, { "vulnerability": "VCID-88qn-j3zx-u3gm" }, { "vulnerability": "VCID-aj95-p9de-qff5" }, { "vulnerability": "VCID-arur-ep6s-rqdy" }, { "vulnerability": "VCID-ax86-j7wt-r3eq" }, { "vulnerability": "VCID-fpg4-zerw-wba9" }, { "vulnerability": "VCID-jb99-84e9-pudw" }, { "vulnerability": "VCID-kjyy-y8q3-wkh7" }, { "vulnerability": "VCID-n1ba-m68n-8khg" }, { "vulnerability": "VCID-xxxy-6j4a-7fbr" }, { "vulnerability": "VCID-y5fe-53uv-2ycz" }, { "vulnerability": "VCID-ybm6-51vn-bybr" }, { "vulnerability": "VCID-z6y7-9ym5-g3fd" }, { "vulnerability": "VCID-ztnv-bz8e-23fw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8" } ], "aliases": [ "GHSA-rv8r-8mh5-5376" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypcs-2c8m-23e1" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27" }