CVE-2024-22188

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in packagist/typo3/cms-core

Identifiers

GHSA-5w2h-59j3-8x5w, CVE-2024-22188

Package Slug

packagist/typo3/cms-core

Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in typo3/cms-core.

Affected Versions

All versions starting from 8.0.0 up to 8.7.56, all versions starting from 9.0.0 up to 9.5.45, all versions starting from 10.0.0 up to 10.4.42, all versions starting from 11.0.0 up to 11.5.34, all versions starting from 12.0.0 up to 12.4.10, version 13.0.0

Solution

Upgrade to versions 8.7.57, 9.5.46, 10.4.43, 11.5.35, 12.4.11, 13.0.1 or above.

Last Modified

2024-02-14

source