CVE-2010-3666

Use of Insufficiently Random Values in packagist/typo3/cms-install

Identifiers

GHSA-c7xr-736p-29j3, CVE-2010-3666

Package Slug

packagist/typo3/cms-install

Vulnerability

Use of Insufficiently Random Values

Description

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.

Affected Versions

All versions before 4.1.14, all versions starting from 4.2.0 before 4.2.13, all versions starting from 4.3.0 before 4.3.4, all versions starting from 4.4.0 before 4.4.1

Solution

Upgrade to versions 4.1.14, 4.2.13, 4.3.4, 4.4.1 or above.

Last Modified

2024-02-07

source