Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@6.0.14
Typecomposer
Namespacetypo3
Namecms
Version6.0.14
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-2f2m-tcjn-fyby
vulnerability_id VCID-2f2m-tcjn-fyby
summary 
Typo3 Vulnerable to Cache Poisoning
**Problem Description:** A request URL with arbitrary arguments, but still pointing to the home page of  a TYPO3 installation can be cached if the configuration option `config.prefixLocalAnchors` is used with the values "all" or "cached". The impact of this vulnerability is that unfamiliar looking links to the home page can end up in the cache, which leads to a reload of the page in the browser when section links are followed by web page visitors, instead of just directly jumping to the requested section of the page. TYPO3 versions 4.6.x and higher are only affected if the homepage is not a shortcut to a different page.

**Solution:** Removing the configuration options `config.prefixLocalAnchors` (and optionally also config.baseUrl) in favor of `config.absRefPrefix`

**Credits:** Thanks to Gernot Leitgab who discovered and reported the vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9509
reference_id
reference_type
scores
0
value 0.00633
scoring_system epss
scoring_elements 0.70755
published_at 2026-06-04T12:55:00Z
1
value 0.00633
scoring_system epss
scoring_elements 0.70797
published_at 2026-06-05T12:55:00Z
2
value 0.00633
scoring_system epss
scoring_elements 0.70804
published_at 2026-06-06T12:55:00Z
3
value 0.00633
scoring_system epss
scoring_elements 0.70787
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9509
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9509
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9509
2
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003
3
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
4
reference_url https://github.com/advisories/GHSA-5479-gqqr-f9gj
reference_id GHSA-5479-gqqr-f9gj
reference_type
scores
url https://github.com/advisories/GHSA-5479-gqqr-f9gj
fixed_packages
0
url pkg:composer/typo3/cms@6.0.15
purl pkg:composer/typo3/cms@6.0.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.15
1
url pkg:composer/typo3/cms@6.1.13
purl pkg:composer/typo3/cms@6.1.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.13
2
url pkg:composer/typo3/cms@6.2.9
purl pkg:composer/typo3/cms@6.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-1usv-hs5c-akb2
3
vulnerability VCID-2r7u-mc45-8yhe
4
vulnerability VCID-39jx-muqb-nkfq
5
vulnerability VCID-4wnp-gusy-43b8
6
vulnerability VCID-5dxs-cdht-27hw
7
vulnerability VCID-5hm4-ms5p-uuae
8
vulnerability VCID-5ppx-p8eq-mbgk
9
vulnerability VCID-5ru2-1n1f-afa4
10
vulnerability VCID-6su8-bbrw-hbhp
11
vulnerability VCID-727q-h3ey-6yc9
12
vulnerability VCID-7n9x-c9gs-9yb3
13
vulnerability VCID-83y4-7q4j-h7f8
14
vulnerability VCID-8jcy-3kje-fqeh
15
vulnerability VCID-8p64-6zpt-t3av
16
vulnerability VCID-8vum-snng-jfcv
17
vulnerability VCID-95wn-6r9b-q7et
18
vulnerability VCID-9899-uxyb-73gg
19
vulnerability VCID-ansr-8m5j-pya6
20
vulnerability VCID-bstt-ybrs-5ua3
21
vulnerability VCID-c57c-akce-xufq
22
vulnerability VCID-cgqm-1wwf-kbg6
23
vulnerability VCID-dd9u-w2y2-87h9
24
vulnerability VCID-dw8z-wtph-skey
25
vulnerability VCID-dwjk-7sqh-hqa8
26
vulnerability VCID-dyhd-5p1e-fya6
27
vulnerability VCID-e1gr-txgg-fqa6
28
vulnerability VCID-e1ms-4r4s-g7e7
29
vulnerability VCID-e2bk-pfbe-puek
30
vulnerability VCID-e82x-2cdb-7fgn
31
vulnerability VCID-ebku-sk43-m7bf
32
vulnerability VCID-ec17-eauu-67d3
33
vulnerability VCID-ekvp-u4kk-kqdd
34
vulnerability VCID-eutz-mj58-audb
35
vulnerability VCID-ev4k-5k1d-2bhu
36
vulnerability VCID-exjy-5cyn-zfg1
37
vulnerability VCID-fgqa-5fx9-nkaz
38
vulnerability VCID-fqkx-v8t5-q3h6
39
vulnerability VCID-g7mm-vjbw-bbhd
40
vulnerability VCID-g9ns-sxkx-aqh1
41
vulnerability VCID-gbdn-7ce2-zuf7
42
vulnerability VCID-h217-xe8x-nua3
43
vulnerability VCID-h7hf-sf2q-73ay
44
vulnerability VCID-hm4k-wbq3-r7ej
45
vulnerability VCID-huxd-2e6q-abak
46
vulnerability VCID-hzma-cduk-3uhp
47
vulnerability VCID-j6x1-dfre-2bdq
48
vulnerability VCID-jbkw-4x2d-fqcp
49
vulnerability VCID-jenc-czvj-g3gw
50
vulnerability VCID-jeqr-9tfu-f7b2
51
vulnerability VCID-jf28-91be-6kbr
52
vulnerability VCID-jmea-qzsr-wkf4
53
vulnerability VCID-jn38-wfec-7bb2
54
vulnerability VCID-kj76-rsr8-yqb3
55
vulnerability VCID-kp2p-nbmg-ufen
56
vulnerability VCID-kqu8-8c1n-73hr
57
vulnerability VCID-ks1q-a8x2-uqht
58
vulnerability VCID-m3nc-xbb4-yubr
59
vulnerability VCID-n18b-qe5x-z7cj
60
vulnerability VCID-n326-yy8y-xuap
61
vulnerability VCID-nhjv-nke2-2kf8
62
vulnerability VCID-nqqc-nkwq-rqhx
63
vulnerability VCID-nvbp-pbjw-3qgx
64
vulnerability VCID-p7gd-anw2-1qbz
65
vulnerability VCID-q5f3-nhjn-hyb4
66
vulnerability VCID-qek9-g3h8-nfdz
67
vulnerability VCID-rae3-cugy-hbh5
68
vulnerability VCID-rs13-zf7b-mka7
69
vulnerability VCID-s4re-vww7-sugb
70
vulnerability VCID-s97a-nmk8-y3ay
71
vulnerability VCID-sdz8-hju8-4bcb
72
vulnerability VCID-sn8n-mawq-3uht
73
vulnerability VCID-tgyt-axv1-c7ag
74
vulnerability VCID-u37d-tqqe-n7d4
75
vulnerability VCID-u4tq-8qnk-5fd7
76
vulnerability VCID-u6h1-ccgw-jqds
77
vulnerability VCID-ub3e-hrb1-wqac
78
vulnerability VCID-v2qy-dbf2-bffn
79
vulnerability VCID-vq15-t92r-5bhx
80
vulnerability VCID-w58p-3wg1-7ycr
81
vulnerability VCID-w65h-8a9d-ckgj
82
vulnerability VCID-wk4s-4bcd-2yb5
83
vulnerability VCID-wms8-dnuz-b3hc
84
vulnerability VCID-x175-xjek-97ds
85
vulnerability VCID-xpxg-qq49-b7fd
86
vulnerability VCID-xt7m-u9eb-fyd9
87
vulnerability VCID-xw1s-93bu-wuh9
88
vulnerability VCID-y1ap-y4az-x7ec
89
vulnerability VCID-yn6z-9v7k-x7br
90
vulnerability VCID-ys6f-g39p-fkfc
91
vulnerability VCID-zhvz-jzf3-2uac
92
vulnerability VCID-zru2-9g25-77dc
93
vulnerability VCID-zrz3-3dnf-tbay
94
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.9
3
url pkg:composer/typo3/cms@7.0.2
purl pkg:composer/typo3/cms@7.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u4r-r97q-3yfk
1
vulnerability VCID-28fn-ncj5-2ufk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-3ugj-6m1e-e3hr
5
vulnerability VCID-5hm4-ms5p-uuae
6
vulnerability VCID-5ru2-1n1f-afa4
7
vulnerability VCID-66kh-c1dm-8fbf
8
vulnerability VCID-7n9x-c9gs-9yb3
9
vulnerability VCID-8jcy-3kje-fqeh
10
vulnerability VCID-953t-q1cr-zyd6
11
vulnerability VCID-9899-uxyb-73gg
12
vulnerability VCID-abjx-8v46-d7d8
13
vulnerability VCID-ansr-8m5j-pya6
14
vulnerability VCID-c57c-akce-xufq
15
vulnerability VCID-cgqm-1wwf-kbg6
16
vulnerability VCID-dsqm-9q3e-dudw
17
vulnerability VCID-dwjk-7sqh-hqa8
18
vulnerability VCID-dyhd-5p1e-fya6
19
vulnerability VCID-e1gr-txgg-fqa6
20
vulnerability VCID-e1ms-4r4s-g7e7
21
vulnerability VCID-e2bk-pfbe-puek
22
vulnerability VCID-e82x-2cdb-7fgn
23
vulnerability VCID-ec17-eauu-67d3
24
vulnerability VCID-ev4k-5k1d-2bhu
25
vulnerability VCID-fdnw-2tz5-4fdr
26
vulnerability VCID-fqkx-v8t5-q3h6
27
vulnerability VCID-gpv4-4tpd-tbaa
28
vulnerability VCID-hm4k-wbq3-r7ej
29
vulnerability VCID-hp99-ncuh-6ugv
30
vulnerability VCID-hsw8-nbs6-auaa
31
vulnerability VCID-hyx9-8ae6-sba8
32
vulnerability VCID-j6x1-dfre-2bdq
33
vulnerability VCID-jp1p-rfxa-hyd9
34
vulnerability VCID-jq5y-7h9g-mufa
35
vulnerability VCID-jwb1-3sbg-kfa5
36
vulnerability VCID-n18b-qe5x-z7cj
37
vulnerability VCID-nhjv-nke2-2kf8
38
vulnerability VCID-njsj-bwjq-fyap
39
vulnerability VCID-nqqc-nkwq-rqhx
40
vulnerability VCID-p576-w7dd-p3h7
41
vulnerability VCID-p7gd-anw2-1qbz
42
vulnerability VCID-q5f3-nhjn-hyb4
43
vulnerability VCID-qcnh-z4zh-myaw
44
vulnerability VCID-qek9-g3h8-nfdz
45
vulnerability VCID-rae3-cugy-hbh5
46
vulnerability VCID-rs13-zf7b-mka7
47
vulnerability VCID-teby-zvvw-zkhv
48
vulnerability VCID-tzpj-j3x1-ekgk
49
vulnerability VCID-u6h1-ccgw-jqds
50
vulnerability VCID-ub3e-hrb1-wqac
51
vulnerability VCID-uq77-aax5-k7d8
52
vulnerability VCID-vq15-t92r-5bhx
53
vulnerability VCID-w65h-8a9d-ckgj
54
vulnerability VCID-wms8-dnuz-b3hc
55
vulnerability VCID-xvyu-2hb8-8ufh
56
vulnerability VCID-xw1s-93bu-wuh9
57
vulnerability VCID-ys6f-g39p-fkfc
58
vulnerability VCID-yz6t-ge1y-qfgr
59
vulnerability VCID-zru2-9g25-77dc
60
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.2
aliases CVE-2014-9509, GHSA-5479-gqqr-f9gj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2m-tcjn-fyby
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14