{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","type":"composer","namespace":"typo3","name":"cms","version":"8.2.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"8.7.5","latest_non_vulnerable_version":"12.2.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38829?format=json","vulnerability_id":"VCID-h7cg-64er-uya9","summary":"Unrestricted Upload of File with Dangerous Type\nUnrestricted File Upload vulnerability in the `fileDenyPattern` in `sysext/core/Classes/Core/SystemEnvironmentBuilder`.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/"},{"reference_url":"http://www.securityfocus.com/bid/100620","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100620"},{"reference_url":"http://www.securitytracker.com/id/1039295","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039295"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14251","reference_id":"CVE-2017-14251","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14251"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54048?format=json","purl":"pkg:composer/typo3/cms@8.7.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5"}],"aliases":["CVE-2017-14251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7cg-64er-uya9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38164?format=json","vulnerability_id":"VCID-2vpx-fqb6-aqfa","summary":"Cross-site Scripting\nCross-Site Scripting in third party library `mso/idna-convert`.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-020","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-020"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52837?format=json","purl":"pkg:composer/typo3/cms@7.6.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-154"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vpx-fqb6-aqfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38160?format=json","vulnerability_id":"VCID-bq2j-t19h-zyad","summary":"Improper Access Control\nPHP does not attempt to address RFC section namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the `HTTP_PROXY` environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an `httpoxy` issue.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1609.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1609.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1610.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1610.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1611.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1611.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1612.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1612.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1613.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1613.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353794","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353794"},{"reference_url":"https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97"},{"reference_url":"https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9"},{"reference_url":"https://github.com/bugsnag/bugsnag-laravel/pull/143","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/bugsnag/bugsnag-laravel/pull/143"},{"reference_url":"https://github.com/bugsnag/bugsnag-laravel/pull/145","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/bugsnag/bugsnag-laravel/pull/145"},{"reference_url":"https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2"},{"reference_url":"https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18"},{"reference_url":"https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18"},{"reference_url":"https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08"},{"reference_url":"https://github.com/guzzle/guzzle/releases/tag/6.2.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/guzzle/guzzle/releases/tag/6.2.1"},{"reference_url":"https://github.com/humbug/file_get_contents/pull/23","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/humbug/file_get_contents/pull/23"},{"reference_url":"https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5"},{"reference_url":"https://github.com/humbug/file_get_contents/releases/tag/1.1.2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/humbug/file_get_contents/releases/tag/1.1.2"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"https://httpoxy.org/","reference_id":"","reference_type":"","scores":[],"url":"https://httpoxy.org/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"},{"reference_url":"https://security.gentoo.org/glsa/201611-22","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-22"},{"reference_url":"https://twitter.com/asyncphp/status/755136084917583872","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/asyncphp/status/755136084917583872"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2016-019","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2016-019"},{"reference_url":"https://www.drupal.org/SA-CORE-2016-003","reference_id":"","reference_type":"","scores":[],"url":"https://www.drupal.org/SA-CORE-2016-003"},{"reference_url":"http://www.debian.org/security/2016/dsa-3631","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3631"},{"reference_url":"http://www.kb.cert.org/vuls/id/797896","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/797896"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/91821","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91821"},{"reference_url":"http://www.securitytracker.com/id/1036335","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036335"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5385","reference_id":"CVE-2016-5385","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5385"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml","reference_id":"CVE-2016-5385.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml"},{"reference_url":"https://github.com/advisories/GHSA-m6ch-gg5f-wxx3","reference_id":"GHSA-m6ch-gg5f-wxx3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m6ch-gg5f-wxx3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["CVE-2016-5385","GHSA-m6ch-gg5f-wxx3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bq2j-t19h-zyad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38167?format=json","vulnerability_id":"VCID-gk79-jtuz-myh6","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nEnvironment Variable Injection.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-019","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-019"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-153"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gk79-jtuz-myh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38163?format=json","vulnerability_id":"VCID-jeqr-9tfu-f7b2","summary":"Deserialization of Untrusted Data\nInsecure Unserialize in TYPO3 Import/Export.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-015","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52836?format=json","purl":"pkg:composer/typo3/cms@6.2.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/52837?format=json","purl":"pkg:composer/typo3/cms@7.6.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-149"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jeqr-9tfu-f7b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38165?format=json","vulnerability_id":"VCID-ks1q-a8x2-uqht","summary":"Information Disclosure in TYPO3 Backend.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52836?format=json","purl":"pkg:composer/typo3/cms@6.2.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/52837?format=json","purl":"pkg:composer/typo3/cms@7.6.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-151"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ks1q-a8x2-uqht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38166?format=json","vulnerability_id":"VCID-m3nc-xbb4-yubr","summary":"Cross-site Scripting\nCross-Site Scripting in TYPO3 Backend.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-014/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52836?format=json","purl":"pkg:composer/typo3/cms@6.2.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/52837?format=json","purl":"pkg:composer/typo3/cms@7.6.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-148"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m3nc-xbb4-yubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38168?format=json","vulnerability_id":"VCID-zrz3-3dnf-tbay","summary":"Cross-site Scripting\nCross-Site Scripting vulnerability in typolinks.","references":[{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-018","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-018"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52836?format=json","purl":"pkg:composer/typo3/cms@6.2.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/52837?format=json","purl":"pkg:composer/typo3/cms@7.6.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/52838?format=json","purl":"pkg:composer/typo3/cms@8.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h7cg-64er-uya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}],"aliases":["GMS-2016-152"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zrz3-3dnf-tbay"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.2.1"}