Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/994224?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/994224?format=api", "purl": "pkg:composer/typo3/cms@4.7.18", "type": "composer", "namespace": "typo3", "name": "cms", "version": "4.7.18", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "10.4.35", "latest_non_vulnerable_version": "12.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15673?format=api", "vulnerability_id": "VCID-9j2h-q1n5-kbgt", "summary": "Typo3 XSS Vulnerabilities\nMultiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.42982", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43194", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43161", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43195", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43128", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43062", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43064", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43083", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43107", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.4316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43173", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2014-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2014-001" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001" }, { "reference_url": "https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2942", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2942" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/06/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/06/03/2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3943", "reference_id": "CVE-2014-3943", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3943" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml", "reference_id": "CVE-2014-3943.YAML", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-qqh2-h6gw-6x8x", "reference_id": "GHSA-qqh2-h6gw-6x8x", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qqh2-h6gw-6x8x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54357?format=api", "purl": "pkg:composer/typo3/cms@4.7.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.7.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/54358?format=api", "purl": "pkg:composer/typo3/cms@6.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vbbx-pk8m-jfhd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/54359?format=api", "purl": "pkg:composer/typo3/cms@6.1.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/20696?format=api", "purl": "pkg:composer/typo3/cms@6.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bnd-6xsq-nbec" }, { "vulnerability": "VCID-1jcy-nx8g-z3d3" }, { "vulnerability": "VCID-1ng4-5tkh-g7h5" }, { "vulnerability": "VCID-1qjx-grvf-y7bk" }, { "vulnerability": "VCID-25t3-1sm6-3kdn" }, { "vulnerability": "VCID-2rhx-afay-97da" }, { "vulnerability": "VCID-37wu-bjfj-k7eg" }, { "vulnerability": "VCID-3m2z-stmy-u7hm" }, { "vulnerability": "VCID-3m53-kkk2-j7c2" }, { "vulnerability": "VCID-435j-f3yx-9yep" }, { "vulnerability": "VCID-48jz-wwt8-33hx" }, { "vulnerability": "VCID-4etp-u4pt-v7hm" }, { "vulnerability": "VCID-51ba-3ag9-rucn" }, { "vulnerability": "VCID-5jgb-dsyx-hyb4" }, { "vulnerability": "VCID-5ppt-avmb-cqb2" }, { "vulnerability": "VCID-6gms-w48j-4ffh" }, { "vulnerability": "VCID-6pvx-1qan-ukef" }, { "vulnerability": "VCID-6spw-66jg-syb1" }, { "vulnerability": "VCID-6wsa-4ywc-8fh4" }, { "vulnerability": "VCID-7d1g-j3k5-gub8" }, { "vulnerability": "VCID-7ngg-6yuz-jkge" }, { "vulnerability": "VCID-7zx9-8afq-y3hc" }, { "vulnerability": "VCID-8jp8-a363-67be" }, { "vulnerability": "VCID-99uu-rfrf-bqa7" }, { "vulnerability": "VCID-adk5-989d-jkc9" }, { "vulnerability": "VCID-asym-tgh2-1kg8" }, { "vulnerability": "VCID-b45y-dr1a-7qd7" }, { "vulnerability": "VCID-b5ht-z6zp-pbht" }, { "vulnerability": "VCID-b715-6z6c-qqar" }, { "vulnerability": "VCID-bck9-34jp-6ydx" }, { "vulnerability": "VCID-buax-rz7x-r7c2" }, { "vulnerability": "VCID-c6zq-cfg5-u7d9" }, { "vulnerability": "VCID-cczn-x8q7-k7ba" }, { "vulnerability": "VCID-cjgc-q6p5-2ydc" }, { "vulnerability": "VCID-ck23-cxn6-bbf3" }, { "vulnerability": "VCID-dp6j-gnk4-rkd5" }, { "vulnerability": "VCID-dsu7-jjjq-f3e1" }, { "vulnerability": "VCID-f4pm-9tq5-q3ch" }, { "vulnerability": "VCID-f963-qur3-2qb7" }, { "vulnerability": "VCID-fber-yp9q-f7dr" }, { "vulnerability": "VCID-fqbx-7xyq-fkav" }, { "vulnerability": "VCID-g4ak-ertr-rya6" }, { "vulnerability": "VCID-gcnj-6qb6-pbgz" }, { "vulnerability": "VCID-gezz-pvpj-p3c6" }, { "vulnerability": "VCID-gnna-yjv5-cya2" }, { "vulnerability": "VCID-gspd-apwy-efgu" }, { "vulnerability": "VCID-h2dd-7b1r-k7bs" }, { "vulnerability": "VCID-h958-d3pm-kfcs" }, { "vulnerability": "VCID-heyy-me7v-jyf5" }, { "vulnerability": "VCID-hkk9-f78q-xqd2" }, { "vulnerability": "VCID-hpju-vhzg-jyes" }, { "vulnerability": "VCID-hv3n-j8ck-1ufx" }, { "vulnerability": "VCID-jmu3-5k7e-x7ch" }, { "vulnerability": "VCID-jqx9-41zx-dbcy" }, { "vulnerability": "VCID-kgcq-paqm-9ya6" }, { "vulnerability": "VCID-kpze-14jy-xud9" }, { "vulnerability": "VCID-kqbk-4q4z-nkec" }, { "vulnerability": "VCID-kuq7-h4ex-tkgc" }, { "vulnerability": "VCID-m3nf-1qbv-d3dj" }, { "vulnerability": "VCID-m43j-8zeh-47gz" }, { "vulnerability": "VCID-mc8q-fhyf-ekfj" }, { "vulnerability": "VCID-mhud-kq57-nka3" }, { "vulnerability": "VCID-mqk6-z77g-bfdv" }, { "vulnerability": "VCID-n61z-6v8a-hygf" }, { "vulnerability": "VCID-nbzv-ppzf-53ae" }, { "vulnerability": "VCID-ne8w-dpjw-7qf1" }, { "vulnerability": "VCID-nnh9-udcj-m7fv" }, { "vulnerability": "VCID-npn5-rand-q3dg" }, { "vulnerability": "VCID-nwxj-3ajk-rkh5" }, { "vulnerability": "VCID-p1u9-66hm-47er" }, { "vulnerability": "VCID-p545-vwe6-9kfr" }, { "vulnerability": "VCID-pgzu-kxuj-j3fh" }, { "vulnerability": "VCID-prbd-r82t-87dm" }, { "vulnerability": "VCID-q6dx-uskc-y3hs" }, { "vulnerability": "VCID-q9ak-qcq6-qfhy" }, { "vulnerability": "VCID-qemc-8kj8-r3cd" }, { "vulnerability": "VCID-re8y-zb3u-57h2" }, { "vulnerability": "VCID-re9h-ze98-rbhu" }, { "vulnerability": "VCID-rg5d-d8nc-9qfu" }, { "vulnerability": "VCID-rkms-w15c-4yb1" }, { "vulnerability": "VCID-rwgf-2pfh-ufdz" }, { "vulnerability": "VCID-s49m-kyu7-vbee" }, { "vulnerability": "VCID-s8h9-rdvk-9yfp" }, { "vulnerability": "VCID-se8w-fv8x-tqde" }, { "vulnerability": "VCID-sszj-qy2p-ebbd" }, { "vulnerability": "VCID-u347-jazz-zke4" }, { "vulnerability": "VCID-u7nx-p1g7-cqhw" }, { "vulnerability": "VCID-uckg-j48d-efad" }, { "vulnerability": "VCID-uj89-13ub-43fz" }, { "vulnerability": "VCID-utpu-q2dv-m3hm" }, { "vulnerability": "VCID-vbbx-pk8m-jfhd" }, { "vulnerability": "VCID-w5pn-eb7y-1kdp" }, { "vulnerability": "VCID-wq32-kgff-gke8" }, { "vulnerability": "VCID-ww44-zmx7-47ft" }, { "vulnerability": "VCID-xa4m-xpa9-v7h8" }, { "vulnerability": "VCID-xhq3-ts9t-sbdy" }, { "vulnerability": "VCID-xkpp-psz2-2kag" }, { "vulnerability": "VCID-xp55-jxjr-zqcb" }, { "vulnerability": "VCID-xwtv-48ph-6fb6" }, { "vulnerability": "VCID-z41h-5mem-gfc7" }, { "vulnerability": "VCID-z5qq-nwn5-tqgm" }, { "vulnerability": "VCID-zdq2-dhb2-6kaq" }, { "vulnerability": "VCID-zeku-t9fv-kych" }, { "vulnerability": "VCID-zp3u-ukzs-ukf6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3" } ], "aliases": [ "CVE-2014-3943", "GHSA-qqh2-h6gw-6x8x" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9j2h-q1n5-kbgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15587?format=api", "vulnerability_id": "VCID-d79s-4kzk-hugy", "summary": "Typo3 Host Header Spoofing Vulnerability\nTYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to \"Host Spoofing.\"", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51007", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51084", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51106", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51112", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51089", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51038", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51046", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51026", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51008", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51065", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51062", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51105", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001" }, { "reference_url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2942", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2942" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/06/03/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/06/03/2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3941", "reference_id": "CVE-2014-3941", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3941" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml", "reference_id": "CVE-2014-3941.YAML", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-594h-cx6w-p4jf", "reference_id": "GHSA-594h-cx6w-p4jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-594h-cx6w-p4jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54357?format=api", "purl": "pkg:composer/typo3/cms@4.7.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.7.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/54358?format=api", "purl": "pkg:composer/typo3/cms@6.0.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vbbx-pk8m-jfhd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/54359?format=api", "purl": "pkg:composer/typo3/cms@6.1.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/20696?format=api", "purl": "pkg:composer/typo3/cms@6.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bnd-6xsq-nbec" }, { "vulnerability": "VCID-1jcy-nx8g-z3d3" }, { "vulnerability": "VCID-1ng4-5tkh-g7h5" }, { "vulnerability": "VCID-1qjx-grvf-y7bk" }, { "vulnerability": "VCID-25t3-1sm6-3kdn" }, { "vulnerability": "VCID-2rhx-afay-97da" }, { "vulnerability": "VCID-37wu-bjfj-k7eg" }, { "vulnerability": "VCID-3m2z-stmy-u7hm" }, { "vulnerability": "VCID-3m53-kkk2-j7c2" }, { "vulnerability": "VCID-435j-f3yx-9yep" }, { "vulnerability": "VCID-48jz-wwt8-33hx" }, { "vulnerability": "VCID-4etp-u4pt-v7hm" }, { "vulnerability": "VCID-51ba-3ag9-rucn" }, { "vulnerability": "VCID-5jgb-dsyx-hyb4" }, { "vulnerability": "VCID-5ppt-avmb-cqb2" }, { "vulnerability": "VCID-6gms-w48j-4ffh" }, { "vulnerability": "VCID-6pvx-1qan-ukef" }, { "vulnerability": "VCID-6spw-66jg-syb1" }, { "vulnerability": "VCID-6wsa-4ywc-8fh4" }, { "vulnerability": "VCID-7d1g-j3k5-gub8" }, { "vulnerability": "VCID-7ngg-6yuz-jkge" }, { "vulnerability": "VCID-7zx9-8afq-y3hc" }, { "vulnerability": "VCID-8jp8-a363-67be" }, { "vulnerability": "VCID-99uu-rfrf-bqa7" }, { "vulnerability": "VCID-adk5-989d-jkc9" }, { "vulnerability": "VCID-asym-tgh2-1kg8" }, { "vulnerability": "VCID-b45y-dr1a-7qd7" }, { "vulnerability": "VCID-b5ht-z6zp-pbht" }, { "vulnerability": "VCID-b715-6z6c-qqar" }, { "vulnerability": "VCID-bck9-34jp-6ydx" }, { "vulnerability": "VCID-buax-rz7x-r7c2" }, { "vulnerability": "VCID-c6zq-cfg5-u7d9" }, { "vulnerability": "VCID-cczn-x8q7-k7ba" }, { "vulnerability": "VCID-cjgc-q6p5-2ydc" }, { "vulnerability": "VCID-ck23-cxn6-bbf3" }, { "vulnerability": "VCID-dp6j-gnk4-rkd5" }, { "vulnerability": "VCID-dsu7-jjjq-f3e1" }, { "vulnerability": "VCID-f4pm-9tq5-q3ch" }, { "vulnerability": "VCID-f963-qur3-2qb7" }, { "vulnerability": "VCID-fber-yp9q-f7dr" }, { "vulnerability": "VCID-fqbx-7xyq-fkav" }, { "vulnerability": "VCID-g4ak-ertr-rya6" }, { "vulnerability": "VCID-gcnj-6qb6-pbgz" }, { "vulnerability": "VCID-gezz-pvpj-p3c6" }, { "vulnerability": "VCID-gnna-yjv5-cya2" }, { "vulnerability": "VCID-gspd-apwy-efgu" }, { "vulnerability": "VCID-h2dd-7b1r-k7bs" }, { "vulnerability": "VCID-h958-d3pm-kfcs" }, { "vulnerability": "VCID-heyy-me7v-jyf5" }, { "vulnerability": "VCID-hkk9-f78q-xqd2" }, { "vulnerability": "VCID-hpju-vhzg-jyes" }, { "vulnerability": "VCID-hv3n-j8ck-1ufx" }, { "vulnerability": "VCID-jmu3-5k7e-x7ch" }, { "vulnerability": "VCID-jqx9-41zx-dbcy" }, { "vulnerability": "VCID-kgcq-paqm-9ya6" }, { "vulnerability": "VCID-kpze-14jy-xud9" }, { "vulnerability": "VCID-kqbk-4q4z-nkec" }, { "vulnerability": "VCID-kuq7-h4ex-tkgc" }, { "vulnerability": "VCID-m3nf-1qbv-d3dj" }, { "vulnerability": "VCID-m43j-8zeh-47gz" }, { "vulnerability": "VCID-mc8q-fhyf-ekfj" }, { "vulnerability": "VCID-mhud-kq57-nka3" }, { "vulnerability": "VCID-mqk6-z77g-bfdv" }, { "vulnerability": "VCID-n61z-6v8a-hygf" }, { "vulnerability": "VCID-nbzv-ppzf-53ae" }, { "vulnerability": "VCID-ne8w-dpjw-7qf1" }, { "vulnerability": "VCID-nnh9-udcj-m7fv" }, { "vulnerability": "VCID-npn5-rand-q3dg" }, { "vulnerability": "VCID-nwxj-3ajk-rkh5" }, { "vulnerability": "VCID-p1u9-66hm-47er" }, { "vulnerability": "VCID-p545-vwe6-9kfr" }, { "vulnerability": "VCID-pgzu-kxuj-j3fh" }, { "vulnerability": "VCID-prbd-r82t-87dm" }, { "vulnerability": "VCID-q6dx-uskc-y3hs" }, { "vulnerability": "VCID-q9ak-qcq6-qfhy" }, { "vulnerability": "VCID-qemc-8kj8-r3cd" }, { "vulnerability": "VCID-re8y-zb3u-57h2" }, { "vulnerability": "VCID-re9h-ze98-rbhu" }, { "vulnerability": "VCID-rg5d-d8nc-9qfu" }, { "vulnerability": "VCID-rkms-w15c-4yb1" }, { "vulnerability": "VCID-rwgf-2pfh-ufdz" }, { "vulnerability": "VCID-s49m-kyu7-vbee" }, { "vulnerability": "VCID-s8h9-rdvk-9yfp" }, { "vulnerability": "VCID-se8w-fv8x-tqde" }, { "vulnerability": "VCID-sszj-qy2p-ebbd" }, { "vulnerability": "VCID-u347-jazz-zke4" }, { "vulnerability": "VCID-u7nx-p1g7-cqhw" }, { "vulnerability": "VCID-uckg-j48d-efad" }, { "vulnerability": "VCID-uj89-13ub-43fz" }, { "vulnerability": "VCID-utpu-q2dv-m3hm" }, { "vulnerability": "VCID-vbbx-pk8m-jfhd" }, { "vulnerability": "VCID-w5pn-eb7y-1kdp" }, { "vulnerability": "VCID-wq32-kgff-gke8" }, { "vulnerability": "VCID-ww44-zmx7-47ft" }, { "vulnerability": "VCID-xa4m-xpa9-v7h8" }, { "vulnerability": "VCID-xhq3-ts9t-sbdy" }, { "vulnerability": "VCID-xkpp-psz2-2kag" }, { "vulnerability": "VCID-xp55-jxjr-zqcb" }, { "vulnerability": "VCID-xwtv-48ph-6fb6" }, { "vulnerability": "VCID-z41h-5mem-gfc7" }, { "vulnerability": "VCID-z5qq-nwn5-tqgm" }, { "vulnerability": "VCID-zdq2-dhb2-6kaq" }, { "vulnerability": "VCID-zeku-t9fv-kych" }, { "vulnerability": "VCID-zp3u-ukzs-ukf6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3" } ], "aliases": [ "CVE-2014-3941", "GHSA-594h-cx6w-p4jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d79s-4kzk-hugy" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.7.18" }