Security
Headlines

Headlines Latest CVEs

Headline

GHSA-gj48-w74w-8gvm: Path Traversal in TYPO3 Core

Due to a too loose type check in an API method, attackers could bypass the directory traversal check by providing an invalid UTF-8 encoding sequence.

7 months ago

#vulnerability #git

Skip to content

- Actions
  
  Automate any workflow
- Packages
  
  Host and manage packages
- Security
  
  Find and fix vulnerabilities
- Codespaces
  
  Instant dev environments
- Copilot
  
  Write better code with AI
- Code review
  
  Manage code changes
- Issues
  
  Plan and track work
- Discussions
  
  Collaborate outside of code

- GitHub Sponsors
  
  Fund open source developers

*   The ReadME Project
    
    GitHub community articles

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

GitHub Advisory Database
GitHub Reviewed
GHSA-gj48-w74w-8gvm

Path Traversal in TYPO3 Core

Moderate severity GitHub Reviewed Published Feb 22, 2024 to the GitHub Advisory Database • Updated Feb 22, 2024

Package

Affected versions

>= 6.2.0, < 6.2.29

>= 7.6.0, < 7.6.13

>= 8.0.0, < 8.4.1

Patched versions

6.2.29

7.6.13

8.4.1

Description

Published to the GitHub Advisory Database

Feb 22, 2024

Last updated

Feb 22, 2024

ghsa: Latest News

GHSA-76mw-6p95-x9x5: pac4j-core affected by a Java deserialization vulnerability

2 days ago

GHSA-6h64-g7cj-hj56: Lord of Large Language Models (LoLLMs) path traversal vulnerability in the api open_personality_folder endpoint

2 days ago

GHSA-vgxq-6rcf-qwrw: angular-base64-upload vulnerable to unauthenticated remote code execution

2 days ago

GHSA-8rm2-93mq-jqhc: Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.

2 days ago

GHSA-gx9m-whjm-85jf: DOMpurify has a nesting-based mXSS

2 days ago