{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","type":"composer","namespace":"typo3","name":"cms-core","version":"8.7.21","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.7.23","latest_non_vulnerable_version":"14.0.2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40495?format=json","vulnerability_id":"VCID-b92x-56ng-3ygy","summary":"Uncontrolled Resource Consumption\nDenial of Service in Frontend Record Registration.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-012/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-012/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"}],"aliases":["GMS-2018-91"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b92x-56ng-3ygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40508?format=json","vulnerability_id":"VCID-daz8-j1ns-rkgt","summary":"Information Disclosure in Install Tool.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-010/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-010/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-89"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-daz8-j1ns-rkgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40499?format=json","vulnerability_id":"VCID-e9jc-8mpp-fkgh","summary":"Security Misconfiguration in Install Tool Cookie.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-009/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-009/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-88"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9jc-8mpp-fkgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40498?format=json","vulnerability_id":"VCID-nyw8-q5ef-2fcv","summary":"Uncontrolled Resource Consumption\nDenial of Service in Online Media Asset Handling.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-011/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-011/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-90"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyw8-q5ef-2fcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40502?format=json","vulnerability_id":"VCID-pwh8-c992-vqav","summary":"Cross-site Scripting\nCross-Site Scripting in CKEditor.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-005/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-005/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwh8-c992-vqav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40440?format=json","vulnerability_id":"VCID-qxab-9uwr-yqhv","summary":"Cross-site Scripting\nCKEditor allows user-assisted XSS involving a source-mode paste.","references":[{"reference_url":"https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/","reference_id":"","reference_type":"","scores":[],"url":"https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/"},{"reference_url":"https://ckeditor.com/cke4/release/CKEditor-4.11.0","reference_id":"","reference_type":"","scores":[],"url":"https://ckeditor.com/cke4/release/CKEditor-4.11.0"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-005","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-005"},{"reference_url":"https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17960","reference_id":"CVE-2018-17960","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17960"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml","reference_id":"CVE-2018-17960.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml","reference_id":"CVE-2018-17960.YAML","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml"},{"reference_url":"https://github.com/advisories/GHSA-g68x-vvqq-pvw3","reference_id":"GHSA-g68x-vvqq-pvw3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g68x-vvqq-pvw3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["CVE-2018-17960","GHSA-g68x-vvqq-pvw3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxab-9uwr-yqhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40493?format=json","vulnerability_id":"VCID-uaf3-fyst-u7gm","summary":"Cross-site Scripting\nCross-Site Scripting in Backend Modal Component.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-007/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-007/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-86"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uaf3-fyst-u7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40510?format=json","vulnerability_id":"VCID-uncp-sa58-ufdd","summary":"Cross-site Scripting\nCross-Site Scripting in Online Media Asset Rendering.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-006/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-006/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-85"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uncp-sa58-ufdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40506?format=json","vulnerability_id":"VCID-z2bk-m2kw-h3c9","summary":"Cross-site Scripting\nCross-Site Scripting in Frontend User Login.","references":[{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2018-008/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/security/advisory/typo3-core-sa-2018-008/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57121?format=json","purl":"pkg:composer/typo3/cms-core@7.6.32","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@7.6.32"},{"url":"http://public2.vulnerablecode.io/api/packages/57058?format=json","purl":"pkg:composer/typo3/cms-core@8.7.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"},{"url":"http://public2.vulnerablecode.io/api/packages/57059?format=json","purl":"pkg:composer/typo3/cms-core@9.5.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@9.5.2"}],"aliases":["GMS-2018-87"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2bk-m2kw-h3c9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms-core@8.7.21"}