Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/typo3/cms-core@8.7.27

Type composer

Namespace typo3

Name cms-core

Version 8.7.27

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 8.7.55

Latest_non_vulnerable_version 14.0.2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1knh-es99-dubw

vulnerability_id VCID-1knh-es99-dubw

summary

Code Injection
Arbitrary Code Execution and Cross-Site Scripting in Backend API.

references

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2019-019/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2019-019/

fixed_packages

url	pkg:composer/typo3/cms-core@8.7.27
purl	pkg:composer/typo3/cms-core@8.7.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

url	pkg:composer/typo3/cms-core@9.5.8
purl	pkg:composer/typo3/cms-core@9.5.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8

aliases GMS-2019-168

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1knh-es99-dubw

url VCID-6ffw-r4k7-5qf8

vulnerability_id VCID-6ffw-r4k7-5qf8

summary Security Misconfiguration in Frontend Session Handling.

references

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2019-018/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2019-018/

fixed_packages

url	pkg:composer/typo3/cms-core@8.7.27
purl	pkg:composer/typo3/cms-core@8.7.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

url	pkg:composer/typo3/cms-core@9.5.8
purl	pkg:composer/typo3/cms-core@9.5.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8

aliases GMS-2019-167

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ffw-r4k7-5qf8

url VCID-82ds-xda8-5ye4

vulnerability_id VCID-82ds-xda8-5ye4

summary Insecure Deserialization in TYPO3 CMS.

references

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2019-020/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2019-020/

fixed_packages

url	pkg:composer/typo3/cms-core@8.7.27
purl	pkg:composer/typo3/cms-core@8.7.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

url	pkg:composer/typo3/cms-core@9.5.8
purl	pkg:composer/typo3/cms-core@9.5.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8

aliases GMS-2019-169

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-82ds-xda8-5ye4

url VCID-cv9x-ea8e-pufu

vulnerability_id VCID-cv9x-ea8e-pufu

summary

Cross-site Scripting
Cross-Site Scripting in Link Handling.

references

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2019-015/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2019-015/

fixed_packages

url	pkg:composer/typo3/cms-core@8.7.27
purl	pkg:composer/typo3/cms-core@8.7.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

url	pkg:composer/typo3/cms-core@9.5.8
purl	pkg:composer/typo3/cms-core@9.5.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8

aliases GMS-2019-166

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cv9x-ea8e-pufu

url VCID-e8ze-umec-a7hx

vulnerability_id VCID-e8ze-umec-a7hx

summary Information Disclosure in Backend User Interface.

references

reference_url	https://typo3.org/security/advisory/typo3-core-sa-2019-014/
reference_id
reference_type
scores
url	https://typo3.org/security/advisory/typo3-core-sa-2019-014/

fixed_packages

url	pkg:composer/typo3/cms-core@8.7.27
purl	pkg:composer/typo3/cms-core@8.7.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

url	pkg:composer/typo3/cms-core@9.5.8
purl	pkg:composer/typo3/cms-core@9.5.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.8

aliases GMS-2019-165

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ze-umec-a7hx

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.27

Package Instance