CVE-2019-12747: TYPO3 Vulnerable to Insecure Deserialization
(updated )
TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data.
References
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12747.yaml
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12747.yaml
- github.com/TYPO3-CMS/core
- github.com/advisories/GHSA-86hp-xrhj-fhpq
- nvd.nist.gov/vuln/detail/CVE-2019-12747
- typo3.org/cms/release-news/typo3-8-release-notes
- typo3.org/security/advisory/typo3-core-sa-2019-020
Code Behaviors & Features
Detect and mitigate CVE-2019-12747 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →