Search for vulnerabilities
| Vulnerability ID | VCID-w4nd-1kan-xkgw |
| Aliases |
CVE-2012-1605
GHSA-7jfm-px59-99w8 |
| Summary | Typo3 Extbase Framework Unsafe Deserialization The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument." |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.0094 | https://api.first.org/data/v1/epss?cve=CVE-2012-1605 |
| epss | 0.0094 | https://api.first.org/data/v1/epss?cve=CVE-2012-1605 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-1605 |
| generic_textual | MODERATE | https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771 |
| generic_textual | MODERATE | http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001 |
| generic_textual | MODERATE | http://www.openwall.com/lists/oss-security/2012/03/30/4 |
| Percentile | 0.75204 |
| EPSS Score | 0.0094 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:27:18.648859+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7jfm-px59-99w8/GHSA-7jfm-px59-99w8.json | 36.1.3 |