VulnerableCode Package Details - pkg:composer/contao/core-bundle@4.11.8

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/contao/core-bundle@4.11.8

Essentials
History (2)

purl	pkg:composer/contao/core-bundle@4.11.8

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-rj3d-jeyz-vye5	Improper Privilege Management Contao is an open source CMS that allows creation of websites and scalable web applications.All users are advised to update to Contao As a workaround users may disable the form generator or disable the login for untrusted back end users.	CVE-2021-37627 GHSA-hq5m-mqmx-fw6m
VCID-t2u3-tgg3-cbb9	Code Injection Contao is an open source CMS that allows you to create websites and scalable web applications.Update to Contao to resolve. If you cannot update then disable the login for untrusted back end users.	CVE-2021-37626 GHSA-r6mv-ppjc-4hgr

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:39:36.542642+00:00	GitLab Importer	Fixing	VCID-t2u3-tgg3-cbb9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/contao/core-bundle/CVE-2021-37626.yml	38.6.0
2026-06-02T04:39:36.396941+00:00	GitLab Importer	Fixing	VCID-rj3d-jeyz-vye5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/contao/core-bundle/CVE-2021-37627.yml	38.6.0