VuXML: typo3-{11,12} -- multiple vulnerabilities

Affected packages

typo3-11

11.5.35

typo3-12

12.4.11

Details

VuXML ID	1ad3d264-e36b-11ee-9c27-40b034429ecf
Discovery	2024-02-13
Entry	2024-03-16

VuXML ID

1ad3d264-e36b-11ee-9c27-40b034429ecf

Discovery

2024-02-13

Entry

2024-03-16

Typo3 developers reports:

All versions are security releases and contain important security fixes - read the corresponding security advisories here:

Path Traversal in TYPO3 File Abstraction Layer Storages CVE-2023-30451

Code Execution in TYPO3 Install Tool CVE-2024-22188

Information Disclosure of Hashed Passwords in TYPO3 Backend Forms CVE-2024-25118

Information Disclosure of Encryption Key in TYPO3 Install Tool CVE-2024-25119

Improper Access Control of Resources Referenced by t3:// URI Scheme CVE-2024-25120

Improper Access Control Persisting File Abstraction Layer Entities via Data Handler CVE-2024-25121

[source]

References

CVE Name

CVE-2023-30451

CVE Name

CVE-2024-22188

CVE Name

CVE-2024-25118

CVE Name

CVE-2024-25119

CVE Name

CVE-2024-25120

CVE Name

CVE-2024-25121

URL

https://typo3.org/article/typo3-1301-12411-and-11535-security-releases-published