Search for packages
| purl | pkg:composer/typo3/cms@4.0.9 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-69fr-ztbp-z7gg
Aliases: CVE-2009-0258 GHSA-74w6-ww7w-45j9 |
Improper Input Validation The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zkmd-h3ch-ebbg
Aliases: CVE-2009-0256 GHSA-q45q-5233-229p |
Improper Authentication Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:00:36.465964+00:00 | GHSA Importer | Affected by | VCID-69fr-ztbp-z7gg | https://github.com/advisories/GHSA-74w6-ww7w-45j9 | 38.0.0 |
| 2026-04-01T16:00:36.329821+00:00 | GHSA Importer | Affected by | VCID-zkmd-h3ch-ebbg | https://github.com/advisories/GHSA-q45q-5233-229p | 38.0.0 |
| 2026-04-01T12:50:01.627374+00:00 | GitLab Importer | Affected by | VCID-69fr-ztbp-z7gg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2009-0258.yml | 38.0.0 |
| 2026-04-01T12:50:01.516898+00:00 | GitLab Importer | Affected by | VCID-zkmd-h3ch-ebbg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2009-0256.yml | 38.0.0 |