typo3/cms vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2020-26229Lowtypo3/cms-core: XML External Entity in Dashboard WidgetCVE-2020-26228Hightypo3/cms-core: Cleartext storage of session identifierCVE-2020-15241Mediumtypo3fluid/fluid: Cross-Site Scripting in ternary conditional operatorCVE-2020-15099Hightypo3/cms-core: Exposure of Sensitive Information to an Unauthorized Actor in TYPO3 CMSCVE-2020-15098Hightypo3/cms-core: Missing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMSCVE-2020-11069Hightypo3/cms-core: Backend Same-Site Request Forgery in TYPO3 CMSCVE-2020-11067Hightypo3/cms-core: Insecure Deserialization in Backend User Settings in TYPO3 CMSCVE-2020-11066Hightypo3/cms-core: Class destructors causing side-effects when being unserialized in TYPO3 CMSCVE-2020-11065Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3 CMS Link HandlingCVE-2020-11064Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3 CMS Form EngineCVE-2020-11063Lowtypo3/cms-core: Information Disclosure in Password ResetCVE-2019-10912Highsymfony/cache: Deserialization of untrusted data in SymfonyCVE-2018-17960Mediumckeditor: Ckeditor XSS VulnerabilityCVE-2018-14041Mediumbootstrap: Bootstrap Cross-site Scripting vulnerability

Stop the waste.
Protect your environment with Kodem.