High severityNVD Advisory· Published Jul 9, 2019· Updated Aug 4, 2024
CVE-2019-12747
CVE-2019-12747
Description
TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
typo3/cms-corePackagist | >= 8.0.0, < 8.7.27 | 8.7.27 |
typo3/cms-corePackagist | >= 9.0.0, < 9.5.8 | 9.5.8 |
typo3/cmsPackagist | >= 8.0.0, < 8.7.27 | 8.7.27 |
typo3/cmsPackagist | >= 9.0.0, < 9.5.8 | 9.5.8 |
Affected products
3- TYPO3/TYPO3description
- ghsa-coords2 versions
>= 8.0.0, < 8.7.27+ 1 more
- (no CPE)range: >= 8.0.0, < 8.7.27
- (no CPE)range: >= 8.0.0, < 8.7.27
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-86hp-xrhj-fhpqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-12747ghsaADVISORY
- github.com/TYPO3/typo3/commit/647aa7afa582983cddc547fa106d31e2b1ef34feghsaWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yamlghsaWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yamlghsaWEB
- typo3.org/cms/release-news/typo3-8-release-notesghsaWEB
- typo3.org/security/advisory/typo3-core-sa-2019-020ghsaWEB
- typo3.org/security/advisory/typo3-core-sa-2019-020/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.