CVE-2010-3664: Exposure of Sensitive Information to an Unauthorized Actor

April 21, 2022 (updated February 6, 2024)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
github.com/advisories/GHSA-8xp9-99h5-4vcg
nvd.nist.gov/vuln/detail/CVE-2010-3664
security-tracker.debian.org/tracker/CVE-2010-3664
typo3.org/security/advisory/typo3-sa-2010-012/

Detect and mitigate CVE-2010-3664 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →