
Search CVE reports



1 – 10 of 126 results


CVE-2023-38500

Medium priority
Ignored

TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Not in release

CVE-2023-24814

Medium priority
Ignored

TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Not in release

CVE-2022-23504

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2022-23503

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2022-23502

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, when users reset their password using the corresponding password recovery functionality, existing sessions for...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2022-23501

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users,...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2022-23500

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2021-41114

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2021-41113

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored

CVE-2021-32768

Medium priority
Ignored

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the...

1 affected package

typo3-src

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
typo3-src Not in release Not in release Not in release Ignored