Search for packages
| purl | pkg:composer/typo3/cms@4.2.3 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2vwe-5wpk-ebdj
Aliases: CVE-2009-0256 GHSA-q45q-5233-229p |
Authentication library in TYPO3 vulnerable to session fixation Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication. |
Affected by 0 other vulnerabilities. |
|
VCID-3vtw-fru3-gqf7
Aliases: CVE-2009-0258 GHSA-74w6-ww7w-45j9 |
Indexed Search Engine for TYPO3 Command Execution via Metacharacter Injection The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:13:06.986753+00:00 | GitLab Importer | Affected by | VCID-3vtw-fru3-gqf7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2009-0258.yml | 36.1.3 |
| 2025-07-01T18:13:06.877771+00:00 | GitLab Importer | Affected by | VCID-2vwe-5wpk-ebdj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2009-0256.yml | 36.1.3 |
| 2025-07-01T14:31:49.339654+00:00 | GHSA Importer | Affected by | VCID-3vtw-fru3-gqf7 | https://github.com/advisories/GHSA-74w6-ww7w-45j9 | 36.1.3 |
| 2025-07-01T14:31:49.246599+00:00 | GHSA Importer | Affected by | VCID-2vwe-5wpk-ebdj | https://github.com/advisories/GHSA-q45q-5233-229p | 36.1.3 |