GHSA-8xp9-99h5-4vcg

Source

https://github.com/advisories/GHSA-8xp9-99h5-4vcg

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-8xp9-99h5-4vcg/GHSA-8xp9-99h5-4vcg.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-8xp9-99h5-4vcg

Aliases

CVE-2010-3664

Published

2022-04-21T01:57:47Z

Modified

2024-02-06T23:41:53.744415Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

TYPO3 is vulnerable to Information Disclosure on the backend

Details

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.

Database specific

{
    "nvd_published_at": "2019-11-04T22:15:00Z",
    "cwe_ids": [
        "CWE-200"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-06T23:22:30Z"
}

References

Affected packages

Packagist / typo3/cms-backend

Package

Name: typo3/cms-backend
Purl: pkg:composer/typo3/cms-backend

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.14

Packagist / typo3/cms-backend

Package

Name: typo3/cms-backend
Purl: pkg:composer/typo3/cms-backend

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.2.0

Fixed

4.2.13

Packagist / typo3/cms-backend

Package

Name: typo3/cms-backend
Purl: pkg:composer/typo3/cms-backend

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.3.0

Fixed

4.3.4

Packagist / typo3/cms-backend

Package

Name: typo3/cms-backend
Purl: pkg:composer/typo3/cms-backend

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.4.0

Fixed

4.4.1