Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@6.2.38
Typecomposer
Namespacetypo3
Namecms
Version6.2.38
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-re9h-ze98-rbhu
vulnerability_id VCID-re9h-ze98-rbhu
summary 
Typo3 Cross-Site Scripting in Flash component (ELTS)
TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 included a vulnerable external component, which could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
reference_id
reference_type
scores
0
value 0.20517
scoring_system epss
scoring_elements 0.95625
published_at 2026-05-14T12:55:00Z
1
value 0.20517
scoring_system epss
scoring_elements 0.95556
published_at 2026-04-11T12:55:00Z
2
value 0.20517
scoring_system epss
scoring_elements 0.95557
published_at 2026-04-12T12:55:00Z
3
value 0.20517
scoring_system epss
scoring_elements 0.95559
published_at 2026-04-13T12:55:00Z
4
value 0.20517
scoring_system epss
scoring_elements 0.95567
published_at 2026-04-16T12:55:00Z
5
value 0.20517
scoring_system epss
scoring_elements 0.95573
published_at 2026-04-21T12:55:00Z
6
value 0.20517
scoring_system epss
scoring_elements 0.95574
published_at 2026-04-24T12:55:00Z
7
value 0.20517
scoring_system epss
scoring_elements 0.95576
published_at 2026-04-26T12:55:00Z
8
value 0.20517
scoring_system epss
scoring_elements 0.95575
published_at 2026-04-29T12:55:00Z
9
value 0.20517
scoring_system epss
scoring_elements 0.95591
published_at 2026-05-05T12:55:00Z
10
value 0.20517
scoring_system epss
scoring_elements 0.95594
published_at 2026-05-07T12:55:00Z
11
value 0.20517
scoring_system epss
scoring_elements 0.95601
published_at 2026-05-09T12:55:00Z
12
value 0.20517
scoring_system epss
scoring_elements 0.95607
published_at 2026-05-11T12:55:00Z
13
value 0.20517
scoring_system epss
scoring_elements 0.95611
published_at 2026-05-12T12:55:00Z
14
value 0.20517
scoring_system epss
scoring_elements 0.95524
published_at 2026-04-01T12:55:00Z
15
value 0.20517
scoring_system epss
scoring_elements 0.95532
published_at 2026-04-02T12:55:00Z
16
value 0.20517
scoring_system epss
scoring_elements 0.95538
published_at 2026-04-04T12:55:00Z
17
value 0.20517
scoring_system epss
scoring_elements 0.95542
published_at 2026-04-07T12:55:00Z
18
value 0.20517
scoring_system epss
scoring_elements 0.95549
published_at 2026-04-08T12:55:00Z
19
value 0.20517
scoring_system epss
scoring_elements 0.95552
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
3
reference_url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
5
reference_url https://typo3.org/security/advisory/typo3-psa-2019-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-psa-2019-003
6
reference_url https://typo3.org/security/advisory/typo3-psa-2019-003/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-psa-2019-003/
7
reference_url https://www.purplemet.com/blog/typo3-xss-vulnerability
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.purplemet.com/blog/typo3-xss-vulnerability
8
reference_url https://github.com/advisories/GHSA-qvhv-pwww-53jj
reference_id GHSA-qvhv-pwww-53jj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qvhv-pwww-53jj
fixed_packages
0
url pkg:composer/typo3/cms@6.2.39
purl pkg:composer/typo3/cms@6.2.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.39
1
url pkg:composer/typo3/cms@7.2.0
purl pkg:composer/typo3/cms@7.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-2rhx-afay-97da
3
vulnerability VCID-37wu-bjfj-k7eg
4
vulnerability VCID-4etp-u4pt-v7hm
5
vulnerability VCID-51ba-3ag9-rucn
6
vulnerability VCID-5jgb-dsyx-hyb4
7
vulnerability VCID-5paq-5frf-43ed
8
vulnerability VCID-6b5q-vzs3-pkcc
9
vulnerability VCID-6gms-w48j-4ffh
10
vulnerability VCID-6pvx-1qan-ukef
11
vulnerability VCID-6spw-66jg-syb1
12
vulnerability VCID-7zx9-8afq-y3hc
13
vulnerability VCID-b5ht-z6zp-pbht
14
vulnerability VCID-bajy-qbwq-fufn
15
vulnerability VCID-bnne-7p2q-eqd2
16
vulnerability VCID-buax-rz7x-r7c2
17
vulnerability VCID-bxjw-7426-gyb8
18
vulnerability VCID-cczn-x8q7-k7ba
19
vulnerability VCID-cjgc-q6p5-2ydc
20
vulnerability VCID-ck23-cxn6-bbf3
21
vulnerability VCID-dbrh-t8zx-nkd9
22
vulnerability VCID-dm97-51uu-r7gw
23
vulnerability VCID-dsu7-jjjq-f3e1
24
vulnerability VCID-ehzg-bzrd-kbcc
25
vulnerability VCID-f4pm-9tq5-q3ch
26
vulnerability VCID-gcnj-6qb6-pbgz
27
vulnerability VCID-h958-d3pm-kfcs
28
vulnerability VCID-jmu3-5k7e-x7ch
29
vulnerability VCID-jqx9-41zx-dbcy
30
vulnerability VCID-kgcq-paqm-9ya6
31
vulnerability VCID-kpze-14jy-xud9
32
vulnerability VCID-kqbk-4q4z-nkec
33
vulnerability VCID-mnz3-rj21-67ad
34
vulnerability VCID-n15v-ta9h-6ffb
35
vulnerability VCID-n78p-x7hh-gqcf
36
vulnerability VCID-ne8w-dpjw-7qf1
37
vulnerability VCID-nwxj-3ajk-rkh5
38
vulnerability VCID-pgzu-kxuj-j3fh
39
vulnerability VCID-pk8d-8u15-5bfq
40
vulnerability VCID-q6dx-uskc-y3hs
41
vulnerability VCID-qemc-8kj8-r3cd
42
vulnerability VCID-rdrs-mhaw-b3ge
43
vulnerability VCID-rwgf-2pfh-ufdz
44
vulnerability VCID-se8w-fv8x-tqde
45
vulnerability VCID-sr3p-pdxy-4yhu
46
vulnerability VCID-t3jn-vwbx-u7cr
47
vulnerability VCID-tmrt-6fxw-5ugh
48
vulnerability VCID-tw1y-t4qj-j3d1
49
vulnerability VCID-vndb-w8e1-4ugv
50
vulnerability VCID-wr5t-xqnn-gkcj
51
vulnerability VCID-ww44-zmx7-47ft
52
vulnerability VCID-wxps-mnue-6bbh
53
vulnerability VCID-xa4m-xpa9-v7h8
54
vulnerability VCID-xhq3-ts9t-sbdy
55
vulnerability VCID-xkpp-psz2-2kag
56
vulnerability VCID-xqew-bx7v-1qfk
57
vulnerability VCID-y32z-2d3f-gkgw
58
vulnerability VCID-zdq2-dhb2-6kaq
59
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.2.0
aliases CVE-2020-8091, GHSA-qvhv-pwww-53jj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re9h-ze98-rbhu
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.38