Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/typo3/cms-install@4.3.0
purl pkg:composer/typo3/cms-install@4.3.0
Next non-vulnerable version 4.3.4
Latest non-vulnerable version 12.4.8
Risk
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-jv8p-qvwg-k3eq
Aliases:
CVE-2010-3671
GHSA-gqmh-5xmq-3fhg
Session Fixation TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.
4.3.4
Affected by 0 other vulnerabilities.
4.4.1
Affected by 0 other vulnerabilities.
VCID-spfb-gnjs-97cq
Aliases:
CVE-2010-3666
GHSA-c7xr-736p-29j3
Use of Insufficiently Random Values TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.
4.3.4
Affected by 0 other vulnerabilities.
4.4.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:42:04.643994+00:00 GitLab Importer Affected by VCID-spfb-gnjs-97cq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-install/CVE-2010-3666.yml 38.6.0
2026-06-02T04:42:04.452321+00:00 GitLab Importer Affected by VCID-jv8p-qvwg-k3eq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-install/CVE-2010-3671.yml 38.6.0