{"url":"http://public2.vulnerablecode.io/api/packages/61878?format=json","purl":"pkg:composer/typo3/cms@4.3.0-beta1","type":"composer","namespace":"typo3","name":"cms","version":"4.3.0-beta1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.3.0-beta2","latest_non_vulnerable_version":"12.2.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43215?format=json","vulnerability_id":"VCID-2tyf-qcd3-yybj","summary":"TYPO3 Install Tool Subcomponent Allows Access Using Only a Password's MD5 Hash as a Credential\nThe Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to gain access by using only the password's md5 hash as a credential.","references":[{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53928","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53928"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://web.archive.org/web/20100105023145/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20100105023145/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016"},{"reference_url":"https://web.archive.org/web/20200229210314/http://www.securityfocus.com/bid/36801","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200229210314/http://www.securityfocus.com/bid/36801"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3635","reference_id":"CVE-2009-3635","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3635"},{"reference_url":"https://github.com/advisories/GHSA-hwrc-w5gg-f335","reference_id":"GHSA-hwrc-w5gg-f335","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hwrc-w5gg-f335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61881?format=json","purl":"pkg:composer/typo3/cms@4.3.0-beta2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.0-beta2"}],"aliases":["CVE-2009-3635","GHSA-hwrc-w5gg-f335"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tyf-qcd3-yybj"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.0-beta1"}