TYPO3 Mediace
By the Year
In 2024 there have been 0 vulnerabilities in TYPO3 Mediace . Mediace did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 9.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Mediace vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent TYPO3 Mediace Security Vulnerabilities
In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered
CVE-2020-15086
9.8 - Critical
- July 29, 2020
In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. The allows to inject arbitrary data having a valid cryptographic message authentication code and can lead to remote code execution. To successfully exploit this vulnerability, an attacker must have access to at least one `Extbase` plugin or module action in a TYPO3 installation. This is fixed in version 7.6.5 of the "mediace" extension for TYPO3.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for TYPO3 Mediace or by TYPO3? Click the Watch button to subscribe.
