TYPO3 Remote Code Execution in third party library swiftmailer · GHSA-g4pf-3jvq-2gcw · GitHub Advisory Database · GitHub

TYPO3 Remote Code Execution in third party library swiftmailer

High severity GitHub Reviewed Published Jun 5, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024

Package

typo3/cms (Composer)

Affected versions

>= 6.2.0, < 6.2.30

>= 7.6.0, < 7.6.15

>= 8.0.0, < 8.5.1

Patched versions

6.2.30

7.6.15

8.5.1

Description

TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code Execution.

References

Published to the GitHub Advisory Database Jun 5, 2024

Reviewed Jun 5, 2024

Last updated Jun 5, 2024