prod

Typo3 10.4

14 vulnerabilities were found in 3 packages

1 abandoned package was found



Last scan: 11 hours ago


14 vulnerabilities were found in 3 packages


high  TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: 8.7.57 9.5.46 10.4.43 11.5.35 12.4.11 13.0.1 https://github.com/advisories/GHSA-rj3x-wvc6-5j66
high  TYPO3 Install Tool vulnerable to Code Execution
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: 8.7.57 9.5.46 10.4.43 11.5.35 12.4.11 13.0.1 https://github.com/advisories/GHSA-5w2h-59j3-8x5w
medium  TYPO3 vulnerable to Cross-Site Scripting in the ShowImageController
Affected versions: >=13.0.0,<=13.1.0|>=12.0.0,<=12.4.14|>=11.0.0,<=11.5.36|>=10.0.0,<=10.4.44|>=9.0.0,<=9.5.47
Patched versions: 9.5.48 10.4.45 11.5.37 12.4.15 13.1.1 https://github.com/advisories/GHSA-hw6c-6gwq-3m3m
medium  TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module
Affected versions: >=13.0.0,<=13.1.0|>=12.0.0,<=12.4.14|>=11.0.0,<=11.5.36|>=10.0.0,<=10.4.44|>=9.0.0,<=9.5.47
Patched versions: 9.5.48 10.4.45 11.5.37 12.4.15 13.1.1 https://github.com/advisories/GHSA-v6mw-h7w6-59w3
medium  TYPO3 Install Tool vulnerable to Information Disclosure of Encryption Key
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: 8.7.57 9.5.46 10.4.43 11.5.35 12.4.11 13.0.1 https://github.com/advisories/GHSA-h47m-3f78-qp9g
medium  TYPO3 vulnerable to Improper Access Control of Resources Referenced by t3:// URI Scheme
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: 8.7.57 9.5.46 10.4.43 11.5.35 12.4.11 13.0.1 https://github.com/advisories/GHSA-wf85-8hx9-gj7c
medium  TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: 8.7.57 9.5.46 10.4.43 11.5.35 12.4.11 13.0.1 https://github.com/advisories/GHSA-38r2-5695-334w
medium  TYPO3-CORE-SA-2023-006: Weak Authentication in Session Handling
Affected versions: >=8.0.0,<8.7.55|>=9.0.0,<9.5.44|>=10.0.0,<10.4.41|>=11.0.0,<11.5.33|>=12.0.0,<12.4.8
Patched versions: 8.7.55 9.5.44 10.4.41 11.5.33 12.4.8 https://typo3.org/security/advisory/typo3-core-sa-2023-006
medium  TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Affected versions: >=13.0.0,<=13.1.0|>=12.0.0,<=12.4.14|>=11.0.0,<=11.5.36|>=10.0.0,<=10.4.44|>=9.0.0,<=9.5.47
Patched versions: 9.5.48 10.4.45 11.5.37 12.4.15 13.1.1 https://github.com/advisories/GHSA-36g8-62qv-5957
medium  Path Traversal in TYPO3 File Abstraction Layer Storages
Affected versions: =13.0.0|>=12.0.0,<=12.4.10|>=11.0.0,<=11.5.34|>=10.0.0,<=10.4.42|>=9.0.0,<=9.5.45|>=8.0.0,<=8.7.56
Patched versions: https://github.com/advisories/GHSA-w6x2-jg8h-p6mp
low  Information Disclosure due to Out-of-scope Site Resolution
Affected versions: >=12.0.0,<12.4.4|>=11.0.0,<11.5.30|>=10.0.0,<10.4.39|>=9.4.0,<9.5.42
Patched versions: 9.5.42 10.4.39 11.5.30 12.4.4 https://github.com/advisories/GHSA-jq6g-4v5m-wm9r


medium  Cross-Site Scripting in CKEditor4 WordCount Plugin
Affected versions: >=11.0.0,<11.5.30|>=10.0.0,<10.4.39|>=9.5.0,<9.5.42
Patched versions: 9.5.42 10.4.39 11.5.30 https://github.com/advisories/GHSA-m8fw-p3cr-6jqc


low  Information Disclosure in TYPO3 Page Tree
Affected versions: <11.5.40|>=12.0.0,<12.4.21|>=13.0.0,<13.3.1
Patched versions: 13.3.1 12.4.21 11.5.40 https://github.com/advisories/GHSA-rf5m-h8q9-9w6q
low  Denial of Service in TYPO3 Bookmark Toolbar
Affected versions: >=10.0.0,<=10.4.45|>=11.0.0,<=11.5.39|>=12.0.0,<12.4.20|=13.0.0
Patched versions: 13.3.1 12.4.21 11.5.40 10.4.46 https://github.com/advisories/GHSA-ffcv-v6pw-qhrp

1 abandoned package was found

Abandoned package: symfony/inflector
Suggested replacement: EnglishInflector from the String component
Your version is PHP 7.2
Your version is TYPO3 10