GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9 advisories
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module
Moderate
CVE-2024-34356
was published
for
typo3/cms-core
(Composer)
May 14, 2024
Path Traversal in TYPO3 File Abstraction Layer Storages
Moderate
CVE-2023-30451
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
TYPO3 vulnerable to Improper Access Control of Resources Referenced by t3:// URI Scheme
Moderate
CVE-2024-25120
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
TYPO3 Install Tool vulnerable to Information Disclosure of Encryption Key
Moderate
CVE-2024-25119
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
TYPO3 vulnerable to Weak Authentication in Session Handling
Moderate
CVE-2023-47127
was published
for
typo3/cms-core
(Composer)
Nov 14, 2023
Cross-Site Scripting in CKEditor4 WordCount Plugin
Moderate
GHSA-m8fw-p3cr-6jqc
was published
for
typo3/cms-rte-ckeditor
(Composer)
Jul 25, 2023
By-passing Cross-Site Scripting Protection in HTML Sanitizer
Moderate
CVE-2023-38500
was published
for
typo3/html-sanitizer
(Composer)
Jul 25, 2023
HTTP Host Header Injection
Moderate
CVE-2021-41114
was published
for
typo3/cms
(Composer)
Oct 5, 2021
ProTip!
Advisories are also available from the
GraphQL API