Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2019-11832

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.

  • Published: May 9, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-11832
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
typo3 / typo3 8.0.0 8.7.25
typo3 / typo3 9.0.0 9.5.6