CVE-2019-11832
- Source
- https://cve.org/CVERecord?id=CVE-2019-11832
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11832.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-11832
- Aliases
- Published
- 2019-05-09T05:29:01.957Z
- Modified
- 2026-03-14T09:33:41.438664Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
- References
Affected packages
Git / github.com/typo3/typo3.cms
Affected versions
8.*
8.0.0
8.1.0
8.2.0
8.3.0
8.4.0
8.5.0
8.6.0
8.7.0
8.7.1
8.7.10
8.7.11
8.7.12
8.7.13
8.7.14
8.7.15
8.7.16
8.7.17
8.7.18
8.7.19
8.7.2
8.7.20
8.7.21
8.7.22
8.7.23
8.7.24
8.7.4
8.7.5
8.7.6
8.7.7
8.7.8
8.7.9
Other
TYPO3_8-0-0
TYPO3_8-1-0
TYPO3_8-2-0
TYPO3_8-3-0
TYPO3_8-4-0
TYPO3_8-5-0
TYPO3_8-6-0
TYPO3_8-7-0
TYPO3_8-7-1
TYPO3_8-7-10
TYPO3_8-7-11
TYPO3_8-7-12
TYPO3_8-7-13
TYPO3_8-7-14
TYPO3_8-7-15
TYPO3_8-7-16
TYPO3_8-7-17
TYPO3_8-7-18
TYPO3_8-7-19
TYPO3_8-7-2
TYPO3_8-7-20
TYPO3_8-7-21
TYPO3_8-7-22
TYPO3_8-7-23
TYPO3_8-7-24
TYPO3_8-7-4
TYPO3_8-7-5
TYPO3_8-7-6
TYPO3_8-7-7
TYPO3_8-7-8
TYPO3_8-7-9
v8.*
v8.7.10
v8.7.11
v8.7.12
v8.7.13
v8.7.14
v8.7.15
v8.7.16
v8.7.17
v8.7.18
v8.7.19
v8.7.20
v8.7.21
v8.7.22
v8.7.23
v8.7.24
v8.7.4
v8.7.5
v8.7.6
v8.7.7
v8.7.8
v8.7.9
v9.*
v9.0.0
v9.1.0
v9.2.0
v9.3.0
v9.4.0
v9.5.0
v9.5.1
v9.5.2
v9.5.3
v9.5.4
v9.5.5