diff --git a/typo3-ter/air-filemanager/2008-05-15.yaml b/typo3-ter/air-filemanager/2008-05-15.yaml new file mode 100644 index 000000000..af85e3672 --- /dev/null +++ b/typo3-ter/air-filemanager/2008-05-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080515-2: Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080515-2/ +cve: ~ +branches: + master: + time: 2008-05-15 12:00 + versions: [<=0.6.0] +reference: composer://typo3-ter/air-filemanager +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ameos-dragndropupload/2011-09-07.yaml b/typo3-ter/ameos-dragndropupload/2011-09-07.yaml new file mode 100644 index 000000000..4adfa9cdf --- /dev/null +++ b/typo3-ter/ameos-dragndropupload/2011-09-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-010/ +cve: ~ +branches: + master: + time: 2011-09-07 12:00 + versions: [<=2.0.2] +reference: composer://typo3-ter/ameos-dragndropupload +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ameos-dragndropupload/2014-12-15.yaml b/typo3-ter/ameos-dragndropupload/2014-12-15.yaml new file mode 100644 index 000000000..473e8d97f --- /dev/null +++ b/typo3-ter/ameos-dragndropupload/2014-12-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-019: Multiple vulnerabilities in Drag Drop Mass Upload (ameos_dragndropupload)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-019/ +cve: ~ +branches: + master: + time: 2014-12-15 12:00 + versions: [<=3.1.1] +reference: composer://typo3-ter/ameos-dragndropupload +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ameos-formidable/2012-06-07.yaml b/typo3-ter/ameos-formidable/2012-06-07.yaml new file mode 100644 index 000000000..4af0358f7 --- /dev/null +++ b/typo3-ter/ameos-formidable/2012-06-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-008: Cross-site scripting vulnerability in extension Ameos Formidable (ameos_formidable)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-008/ +cve: ~ +branches: + master: + time: 2012-06-07 12:00 + versions: [<=1.1.373] +reference: composer://typo3-ter/ameos-formidable +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/beko-beuserlog/2015-06-15.yaml b/typo3-ter/beko-beuserlog/2015-06-15.yaml new file mode 100644 index 000000000..08c632ba4 --- /dev/null +++ b/typo3-ter/beko-beuserlog/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-007: Cross-Site Scripting in extension BE User Log (beko_beuserlog)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-007/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=1.1.1] +reference: composer://typo3-ter/beko-beuserlog +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/cal/2009-12-01.yaml b/typo3-ter/cal/2009-12-01.yaml new file mode 100644 index 000000000..0c49d7872 --- /dev/null +++ b/typo3-ter/cal/2009-12-01.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-019: Blind SQL Injection vulnerability in extension Calendar Base (cal)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-019/ +cve: ~ +branches: + master: + time: 2009-12-01 12:00 + versions: [<=1.2.0] +reference: composer://typo3-ter/cal +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/cal/2010-03-02.yaml b/typo3-ter/cal/2010-03-02.yaml new file mode 100644 index 000000000..fa1e103ca --- /dev/null +++ b/typo3-ter/cal/2010-03-02.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-005: Blind SQL Injection vulnerability in extension Calendar Base (cal)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-005/ +cve: ~ +branches: + master: + time: 2010-03-02 12:00 + versions: [<=1.3.1] +reference: composer://typo3-ter/cal +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/cc-awstats/2013-09-25.yaml b/typo3-ter/cc-awstats/2013-09-25.yaml new file mode 100644 index 000000000..2b781701d --- /dev/null +++ b/typo3-ter/cc-awstats/2013-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-018: Several vulnerabilities in extension AWStats (cc_awstats)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-018/ +cve: ~ +branches: + master: + time: 2013-09-25 12:00 + versions: [<=0.10.0] +reference: composer://typo3-ter/cc-awstats +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/commerce/2008-10-20.yaml b/typo3-ter/commerce/2008-10-20.yaml new file mode 100644 index 000000000..1d02f5f52 --- /dev/null +++ b/typo3-ter/commerce/2008-10-20.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20081020-2: SQL Injection in extension Commerce (commerce)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20081020-2/ +cve: ~ +branches: + master: + time: 2008-10-20 12:00 + versions: [<=0.9.6] +reference: composer://typo3-ter/commerce +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/commerce/2009-08-18.yaml b/typo3-ter/commerce/2009-08-18.yaml new file mode 100644 index 000000000..dbc7a693b --- /dev/null +++ b/typo3-ter/commerce/2009-08-18.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-011: Cross-Site Scripting vulnerability in extension Commerce (commerce)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-011/ +cve: ~ +branches: + master: + time: 2009-08-18 12:00 + versions: [<=0.9.8] +reference: composer://typo3-ter/commerce +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/commerce/2012-12-21.yaml b/typo3-ter/commerce/2012-12-21.yaml new file mode 100644 index 000000000..ba5958abb --- /dev/null +++ b/typo3-ter/commerce/2012-12-21.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-013: Several Vulnerabilities in extension commerce (commerce)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-013/ +cve: ~ +branches: + master: + time: 2012-12-21 12:00 + versions: [<=0.12.7] +reference: composer://typo3-ter/commerce +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/content-rating-extbase/2015-01-09.yaml b/typo3-ter/content-rating-extbase/2015-01-09.yaml new file mode 100644 index 000000000..9e87eb231 --- /dev/null +++ b/typo3-ter/content-rating-extbase/2015-01-09.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-003: Multiple vulnerabilities in Content Rating Extbase (content_rating_extbase)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/ +cve: ~ +branches: + master: + time: 2015-01-09 12:00 + versions: [<=2.0.3] +reference: composer://typo3-ter/content-rating-extbase +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/content-rating/2015-01-09.yaml b/typo3-ter/content-rating/2015-01-09.yaml new file mode 100644 index 000000000..69042741c --- /dev/null +++ b/typo3-ter/content-rating/2015-01-09.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-002: Multiple vulnerabilities in Content Rating (content_rating)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-002/ +cve: ~ +branches: + master: + time: 2015-01-09 12:00 + versions: [<=1.0.3] +reference: composer://typo3-ter/content-rating +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/cooluri/2013-02-19.yaml b/typo3-ter/cooluri/2013-02-19.yaml new file mode 100644 index 000000000..94fa036a6 --- /dev/null +++ b/typo3-ter/cooluri/2013-02-19.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-003: SQL Injection vulnerability in extension CoolURI (cooluri)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-003/ +cve: ~ +branches: + master: + time: 2013-02-19 12:00 + versions: [<=1.0.29] +reference: composer://typo3-ter/cooluri +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/dam/2011-01-26.yaml b/typo3-ter/dam/2011-01-26.yaml new file mode 100644 index 000000000..e718fbec1 --- /dev/null +++ b/typo3-ter/dam/2011-01-26.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-001: Cross-Site Scripting vulnerability in extension 'Media [DAM]' (dam)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-001/ +cve: ~ +branches: + master: + time: 2011-01-26 12:00 + versions: [<=1.1.7] +reference: composer://typo3-ter/dam +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/dce/2014-10-17.yaml b/typo3-ter/dce/2014-10-17.yaml new file mode 100644 index 000000000..2ef664560 --- /dev/null +++ b/typo3-ter/dce/2014-10-17.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-015: Information Disclosure vulnerability in Dynamic Content Elements (dce)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-015/ +cve: ~ +branches: + master: + time: 2014-10-17 12:00 + versions: [>=0.7.0,<=0.11.4] +reference: composer://typo3-ter/dce +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/devlog/2015-06-15.yaml b/typo3-ter/devlog/2015-06-15.yaml new file mode 100644 index 000000000..5e203212b --- /dev/null +++ b/typo3-ter/devlog/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-011: SQL Injection vulnerability in extension Developer Log (devlog)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=2.11.3] +reference: composer://typo3-ter/devlog +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail-subscription/2011-09-07.yaml b/typo3-ter/direct-mail-subscription/2011-09-07.yaml new file mode 100644 index 000000000..e52ba41bb --- /dev/null +++ b/typo3-ter/direct-mail-subscription/2011-09-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-007/ +cve: ~ +branches: + master: + time: 2011-09-07 12:00 + versions: [<=1.1.0] +reference: composer://typo3-ter/direct-mail-subscription +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail-subscription/2014-02-12.yaml b/typo3-ter/direct-mail-subscription/2014-02-12.yaml new file mode 100644 index 000000000..dc83685f0 --- /dev/null +++ b/typo3-ter/direct-mail-subscription/2014-02-12.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-004: Mass Assignment in extension Direct Mail Subscription (direct_mail_subscription)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-004/ +cve: ~ +branches: + master: + time: 2014-02-12 12:00 + versions: [<=2.0.0] +reference: composer://typo3-ter/direct-mail-subscription +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail-subscription/2015-01-16.yaml b/typo3-ter/direct-mail-subscription/2015-01-16.yaml new file mode 100644 index 000000000..ffc67f8d9 --- /dev/null +++ b/typo3-ter/direct-mail-subscription/2015-01-16.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-004: Information Disclosure in Direct Mail Subscription (direct_mail_subscription)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-004/ +cve: ~ +branches: + master: + time: 2015-01-16 12:00 + versions: [>=2.0.1,<=2.0.1] +reference: composer://typo3-ter/direct-mail-subscription +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail/2009-12-01.yaml b/typo3-ter/direct-mail/2009-12-01.yaml new file mode 100644 index 000000000..59d306065 --- /dev/null +++ b/typo3-ter/direct-mail/2009-12-01.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-018: Cross-Site Scripting vulnerability in extension Direct Mail (direct_mail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-018/ +cve: ~ +branches: + master: + time: 2009-12-01 12:00 + versions: [<=2.6.4] +reference: composer://typo3-ter/direct-mail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail/2011-03-15.yaml b/typo3-ter/direct-mail/2011-03-15.yaml new file mode 100644 index 000000000..5596f7d94 --- /dev/null +++ b/typo3-ter/direct-mail/2011-03-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-002: XSS and SQL Injection vulnerabilities in extension 'Direct Mail' (direct_mail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-002/ +cve: ~ +branches: + master: + time: 2011-03-15 12:00 + versions: [<=2.6.9] +reference: composer://typo3-ter/direct-mail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/direct-mail/2013-09-25.yaml b/typo3-ter/direct-mail/2013-09-25.yaml new file mode 100644 index 000000000..c55eceea4 --- /dev/null +++ b/typo3-ter/direct-mail/2013-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-014: Information Disclosure in extension Direct Mail (direct_mail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-014/ +cve: ~ +branches: + master: + time: 2013-09-25 12:00 + versions: [<=3.1.1] +reference: composer://typo3-ter/direct-mail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/dmmjobcontrol/2014-09-25.yaml b/typo3-ter/dmmjobcontrol/2014-09-25.yaml new file mode 100644 index 000000000..26311ea94 --- /dev/null +++ b/typo3-ter/dmmjobcontrol/2014-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-012: Several vulnerabilities in extension JobControl (dmmjobcontrol)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-012/ +cve: ~ +branches: + master: + time: 2014-09-25 12:00 + versions: [<=2.14.0] +reference: composer://typo3-ter/dmmjobcontrol +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/error-404-handling/2010-04-14.yaml b/typo3-ter/error-404-handling/2010-04-14.yaml new file mode 100644 index 000000000..19d3ea89d --- /dev/null +++ b/typo3-ter/error-404-handling/2010-04-14.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-011: Vulnerabilitiy in extension 404 Error Page Handling (error_404_handling)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-011/ +cve: ~ +branches: + master: + time: 2010-04-14 12:00 + versions: [<=0.1.1] +reference: composer://typo3-ter/error-404-handling +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/eu-ldap/2015-09-30.yaml b/typo3-ter/eu-ldap/2015-09-30.yaml new file mode 100644 index 000000000..1777a61e6 --- /dev/null +++ b/typo3-ter/eu-ldap/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-016: Information Disclosure in extension 'LDAP' (eu_ldap)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-016/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=2.8.18] +reference: composer://typo3-ter/eu-ldap +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/fal-sftp/2014-10-17.yaml b/typo3-ter/fal-sftp/2014-10-17.yaml new file mode 100644 index 000000000..073958a3c --- /dev/null +++ b/typo3-ter/fal-sftp/2014-10-17.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-014: Improper Access Control vulnerability in extension fal_sftp (fal_sftp)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/ +cve: ~ +branches: + master: + time: 2014-10-17 12:00 + versions: [>=0.2.4, <=0.2.5] +reference: composer://typo3-ter/fal-sftp +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/feupload/2015-06-15.yaml b/typo3-ter/feupload/2015-06-15.yaml new file mode 100644 index 000000000..3cd257ead --- /dev/null +++ b/typo3-ter/feupload/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-006: Arbitrary Code Execution in extension Frontend User Upload (feupload)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-006/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=0.5.0] +reference: composer://typo3-ter/feupload +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/formhandler/2011-08-25.yaml b/typo3-ter/formhandler/2011-08-25.yaml new file mode 100644 index 000000000..a4e5a3a51 --- /dev/null +++ b/typo3-ter/formhandler/2011-08-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-003: Several Vulnerabilities in extension Formhandler (formhandler)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-003/ +cve: ~ +branches: + master: + time: 2011-08-25 12:00 + versions: [<=0.9.14] +reference: composer://typo3-ter/formhandler +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/formhandler/2012-10-25.yaml b/typo3-ter/formhandler/2012-10-25.yaml new file mode 100644 index 000000000..e8096158b --- /dev/null +++ b/typo3-ter/formhandler/2012-10-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-012: Several Vulnerabilities in extension Formhandler (formhandler)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-012/ +cve: ~ +branches: + master: + time: 2012-10-25 12:00 + versions: [<=1.4.0] +reference: composer://typo3-ter/formhandler +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/formhandler/2013-08-05.yaml b/typo3-ter/formhandler/2013-08-05.yaml new file mode 100644 index 000000000..58cb7eff2 --- /dev/null +++ b/typo3-ter/formhandler/2013-08-05.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-012: Several vulnerabilities in extension Formhandler (formhandler)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-012/ +cve: ~ +branches: + master: + time: 2013-08-05 12:00 + versions: [<=1.6.0] +reference: composer://typo3-ter/formhandler +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/formhandler/2013-09-25.yaml b/typo3-ter/formhandler/2013-09-25.yaml new file mode 100644 index 000000000..d88797a3d --- /dev/null +++ b/typo3-ter/formhandler/2013-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-016: SQL Injection vulnerability in extension Formhandler (formhandler)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-016/ +cve: ~ +branches: + master: + time: 2013-09-25 12:00 + versions: [<=1.6.1] +reference: composer://typo3-ter/formhandler +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ig-ldap-sso-auth/2015-01-08.yaml b/typo3-ter/ig-ldap-sso-auth/2015-01-08.yaml new file mode 100644 index 000000000..1f8d8d607 --- /dev/null +++ b/typo3-ter/ig-ldap-sso-auth/2015-01-08.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-001: Improper Authentication in LDAP / SSO Authentication (ig_ldap_sso_auth)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-001/ +cve: ~ +branches: + master: + time: 2015-01-08 12:00 + versions: [>=2.0.0,<=2.0.0] +reference: composer://typo3-ter/ig-ldap-sso-auth +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/jm-gallery/2011-08-03.yaml b/typo3-ter/jm-gallery/2011-08-03.yaml new file mode 100644 index 000000000..0e1bd4ba6 --- /dev/null +++ b/typo3-ter/jm-gallery/2011-08-03.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-002: Multiple SQL Injection vulnerabilities in extension 'Website Photo Gallery' (jm_gallery)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-002/ +cve: ~ +branches: + master: + time: 2011-08-03 12:00 + versions: [<=0.9.1] +reference: composer://typo3-ter/jm-gallery +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/jobfair/2015-06-15.yaml b/typo3-ter/jobfair/2015-06-15.yaml new file mode 100644 index 000000000..52fa94a8b --- /dev/null +++ b/typo3-ter/jobfair/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-013: Arbitrary Code Execution in extension Job Fair (jobfair)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-013/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=1.0.0] +reference: composer://typo3-ter/jobfair +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/js-faq/2015-06-15.yaml b/typo3-ter/js-faq/2015-06-15.yaml new file mode 100644 index 000000000..5657807aa --- /dev/null +++ b/typo3-ter/js-faq/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-012: SQL Injection vulnerability in extension FAQ - Frequently Asked Questions (js_faq)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-012/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=1.2.0] +reference: composer://typo3-ter/js-faq +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ke-search/2011-06-29.yaml b/typo3-ter/ke-search/2011-06-29.yaml new file mode 100644 index 000000000..3d23ac459 --- /dev/null +++ b/typo3-ter/ke-search/2011-06-29.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-007: SQL Injection vulnerability in extension Faceted Search (ke_search)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-007/ +cve: ~ +branches: + master: + time: 2011-06-29 12:00 + versions: [<=0.3.0] +reference: composer://typo3-ter/ke-search +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ke-stats/2008-05-13.yaml b/typo3-ter/ke-stats/2008-05-13.yaml new file mode 100644 index 000000000..cf84fae7b --- /dev/null +++ b/typo3-ter/ke-stats/2008-05-13.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080513-4/ +cve: ~ +branches: + master: + time: 2008-05-13 12:00 + versions: [<=0.1.2] +reference: composer://typo3-ter/ke-stats +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/kj-imagelightbox2/2008-05-27.yaml b/typo3-ter/kj-imagelightbox2/2008-05-27.yaml new file mode 100644 index 000000000..11de1d557 --- /dev/null +++ b/typo3-ter/kj-imagelightbox2/2008-05-27.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080527-1: Cross Site Scripting vulnerability in extension 'KJ: Image Lightbox v2' (kj_imagelightbox2)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080527-1/ +cve: ~ +branches: + master: + time: 2008-05-27 12:00 + versions: [<=1.4.2] +reference: composer://typo3-ter/kj-imagelightbox2 +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/locator/2015-06-15.yaml b/typo3-ter/locator/2015-06-15.yaml new file mode 100644 index 000000000..49925a61b --- /dev/null +++ b/typo3-ter/locator/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-009: SQL Injection vulnerability in extension Store Locator (locator)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-009/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=3.3.0] +reference: composer://typo3-ter/locator +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/mh-httpbl/2015-09-30.yaml b/typo3-ter/mh-httpbl/2015-09-30.yaml new file mode 100644 index 000000000..ca7e66488 --- /dev/null +++ b/typo3-ter/mh-httpbl/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-021: SQL Injection in extension 'http:BL Blocking' (mh_httpbl)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-021/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=1.1.7] +reference: composer://typo3-ter/mh-httpbl +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/mkforms/2015-09-30.yaml b/typo3-ter/mkforms/2015-09-30.yaml new file mode 100644 index 000000000..6c4168896 --- /dev/null +++ b/typo3-ter/mkforms/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-022: Arbitrary Code Execution in extension 'MK Forms' (mkforms)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-022/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=1.0.23] +reference: composer://typo3-ter/mkforms +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/mm-forum/2010-03-16.yaml b/typo3-ter/mm-forum/2010-03-16.yaml new file mode 100644 index 000000000..e50bcfba4 --- /dev/null +++ b/typo3-ter/mm-forum/2010-03-16.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-007: Cross-Site Scripting vulnerability in extension mm_forum (mm_forum)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-007/ +cve: ~ +branches: + master: + time: 2010-03-16 12:00 + versions: [<=1.8.2] +reference: composer://typo3-ter/mm-forum +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/mm-forum/2014-02-12.yaml b/typo3-ter/mm-forum/2014-02-12.yaml new file mode 100644 index 000000000..41315c8a4 --- /dev/null +++ b/typo3-ter/mm-forum/2014-02-12.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-001: Several vulnerabilities in extension mm_forum (mm_forum)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-001/ +cve: ~ +branches: + master: + time: 2014-02-12 12:00 + versions: [<=1.9.2] +reference: composer://typo3-ter/mm-forum +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/multishop/2013-06-03.yaml b/typo3-ter/multishop/2013-06-03.yaml new file mode 100644 index 000000000..d13254b60 --- /dev/null +++ b/typo3-ter/multishop/2013-06-03.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-010: SQL Injection vulnerability in extension Multishop (multishop)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-010/ +cve: ~ +branches: + master: + time: 2013-06-03 12:00 + versions: [<=2.0.38] +reference: composer://typo3-ter/multishop +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ncgov-smoelenboek/2015-06-15.yaml b/typo3-ter/ncgov-smoelenboek/2015-06-15.yaml new file mode 100644 index 000000000..3481a1842 --- /dev/null +++ b/typo3-ter/ncgov-smoelenboek/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-010: SQL Injection vulnerability in extension Smoelenboek (ncgov_smoelenboek)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-010/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=1.0.8] +reference: composer://typo3-ter/ncgov-smoelenboek +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/news/2015-09-30.yaml b/typo3-ter/news/2015-09-30.yaml new file mode 100644 index 000000000..c5643215b --- /dev/null +++ b/typo3-ter/news/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-017: Cross-Site Scripting in extension 'News system' (news)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-017/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=3.2.1] +reference: composer://typo3-ter/news +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/pagenotfoundhandling/2015-06-29.yaml b/typo3-ter/pagenotfoundhandling/2015-06-29.yaml new file mode 100644 index 000000000..87d7f3316 --- /dev/null +++ b/typo3-ter/pagenotfoundhandling/2015-06-29.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-015: Cross-Site Scripting in extension '404 Page not found handling' (pagenotfoundhandling)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-015/ +cve: ~ +branches: + master: + time: 2015-06-29 12:00 + versions: [<=2.1.0] +reference: composer://typo3-ter/pagenotfoundhandling +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/pbsurvey/2008-05-13.yaml b/typo3-ter/pbsurvey/2008-05-13.yaml new file mode 100644 index 000000000..752f3b579 --- /dev/null +++ b/typo3-ter/pbsurvey/2008-05-13.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080513-2: Cross Site Scripting vulnerability in extension Questionaire (pbsurvey)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080513-2/ +cve: ~ +branches: + master: + time: 2008-05-13 12:00 + versions: [<=1.2.0] +reference: composer://typo3-ter/pbsurvey +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/pbsurvey/2011-08-25.yaml b/typo3-ter/pbsurvey/2011-08-25.yaml new file mode 100644 index 000000000..ddc801238 --- /dev/null +++ b/typo3-ter/pbsurvey/2011-08-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-004: Cross Site Scripting Vulnerability in extension Questionaire (pbsurvey)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-004/ +cve: ~ +branches: + master: + time: 2011-08-25 12:00 + versions: [<=1.3.0] +reference: composer://typo3-ter/pbsurvey +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2009-01-23.yaml b/typo3-ter/phpmyadmin/2009-01-23.yaml new file mode 100644 index 000000000..0f5560bd9 --- /dev/null +++ b/typo3-ter/phpmyadmin/2009-01-23.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-015: XSS and SQL injection vulnerabilities in extension 'phpMyAdmin' (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-015/ +cve: ~ +branches: + master: + time: 2009-01-23 12:00 + versions: [<=4.3.0] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-05-23.yaml b/typo3-ter/phpmyadmin/2011-05-23.yaml new file mode 100644 index 000000000..52016f31f --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-05-23.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-005: Cross-Site Scripting and Open Redirection vulnerability in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-005/ +cve: ~ +branches: + master: + time: 2011-05-23 12:00 + versions: [<=4.10.3] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-07-06.yaml b/typo3-ter/phpmyadmin/2011-07-06.yaml new file mode 100644 index 000000000..2e489bbf1 --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-07-06.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-008: Directory Traversal and Code Injection vulnerability in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-008/ +cve: ~ +branches: + master: + time: 2011-07-06 12:00 + versions: [<=4.11.1] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-07-25.yaml b/typo3-ter/phpmyadmin/2011-07-25.yaml new file mode 100644 index 000000000..ed2f1f630 --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-07-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-001: Several vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-001/ +cve: ~ +branches: + master: + time: 2011-07-25 12:00 + versions: [<=4.11.2] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-08-26.yaml b/typo3-ter/phpmyadmin/2011-08-26.yaml new file mode 100644 index 000000000..afaa0d299 --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-08-26.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-005: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-005/ +cve: ~ +branches: + master: + time: 2011-08-26 12:00 + versions: [<=4.11.3] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-09-15.yaml b/typo3-ter/phpmyadmin/2011-09-15.yaml new file mode 100644 index 000000000..7d1bf939c --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-09-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-011: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-011/ +cve: ~ +branches: + master: + time: 2011-09-15 12:00 + versions: [<=4.11.4] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-10-18.yaml b/typo3-ter/phpmyadmin/2011-10-18.yaml new file mode 100644 index 000000000..e4ed5e64d --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-10-18.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-014: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-014/ +cve: ~ +branches: + master: + time: 2011-10-18 12:00 + versions: [<=4.11.5] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2011-11-15.yaml b/typo3-ter/phpmyadmin/2011-11-15.yaml new file mode 100644 index 000000000..317561e41 --- /dev/null +++ b/typo3-ter/phpmyadmin/2011-11-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-018: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-018/ +cve: ~ +branches: + master: + time: 2011-11-15 12:00 + versions: [<=4.11.8] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2014-09-26.yaml b/typo3-ter/phpmyadmin/2014-09-26.yaml new file mode 100644 index 000000000..f734f76b4 --- /dev/null +++ b/typo3-ter/phpmyadmin/2014-09-26.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-011: Several vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-011/ +cve: ~ +branches: + master: + time: 2014-09-26 12:00 + versions: [<=4.18.2] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2014-11-05.yaml b/typo3-ter/phpmyadmin/2014-11-05.yaml new file mode 100644 index 000000000..71a03661f --- /dev/null +++ b/typo3-ter/phpmyadmin/2014-11-05.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-016: Cross-Site Scripting vulnerability in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-016/ +cve: ~ +branches: + master: + time: 2014-11-05 12:00 + versions: [>=4.18.0,<=4.18.3] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/phpmyadmin/2014-12-08.yaml b/typo3-ter/phpmyadmin/2014-12-08.yaml new file mode 100644 index 000000000..3af1dd697 --- /dev/null +++ b/typo3-ter/phpmyadmin/2014-12-08.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-018: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-018/ +cve: ~ +branches: + master: + time: 2014-12-08 12:00 + versions: [>=4.18.0,<4.18.5] +reference: composer://typo3-ter/phpmyadmin +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/powermail/2011-05-11.yaml b/typo3-ter/powermail/2011-05-11.yaml new file mode 100644 index 000000000..73db598d5 --- /dev/null +++ b/typo3-ter/powermail/2011-05-11.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-004: Blind SQL Injection vulnerability in extension 'powermail' (powermail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-004/ +cve: ~ +branches: + master: + time: 2011-05-11 12:00 + versions: [>=1.6.0,<=1.6.2] +reference: composer://typo3-ter/powermail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/powermail/2012-03-28.yaml b/typo3-ter/powermail/2012-03-28.yaml new file mode 100644 index 000000000..5d016a707 --- /dev/null +++ b/typo3-ter/powermail/2012-03-28.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-004: Cross-Site Scripting vulnerability in extension powermail for TYPO3 (powermail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/ +cve: ~ +branches: + master: + time: 2012-03-28 12:00 + versions: [<=1.6.4] +reference: composer://typo3-ter/powermail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/powermail/2012-06-07.yaml b/typo3-ter/powermail/2012-06-07.yaml new file mode 100644 index 000000000..cd4f7c56b --- /dev/null +++ b/typo3-ter/powermail/2012-06-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-009: Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-009/ +cve: ~ +branches: + master: + time: 2012-06-07 12:00 + versions: [<=1.6.6] +reference: composer://typo3-ter/powermail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/powermail/2014-04-10.yaml b/typo3-ter/powermail/2014-04-10.yaml new file mode 100644 index 000000000..c7272b33a --- /dev/null +++ b/typo3-ter/powermail/2014-04-10.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-006: Captcha Bypass in extension 'powermail' (powermail)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/ +cve: ~ +branches: + master: + time: 2014-04-10 12:00 + versions: [>=2.0.0,<=2.0.10] +reference: composer://typo3-ter/powermail +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/pt-extbase/2014-02-12.yaml b/typo3-ter/pt-extbase/2014-02-12.yaml new file mode 100644 index 000000000..964b85eb4 --- /dev/null +++ b/typo3-ter/pt-extbase/2014-02-12.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-005: Access Bypass in extensions 'Yet Another Gallery' (yag) and 'Tools for Extbase development' (pt_extbase)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-005/ +cve: ~ +branches: + master: + time: 2014-02-12 12:00 + versions: [<=1.5.0] +reference: composer://typo3-ter/pt-extbase +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/realurl/2013-09-25.yaml b/typo3-ter/realurl/2013-09-25.yaml new file mode 100644 index 000000000..9aa89dcf9 --- /dev/null +++ b/typo3-ter/realurl/2013-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-015: SQL Injection vulnerability in extension RealURL: speaking paths for TYPO3 (realurl)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-015/ +cve: ~ +branches: + master: + time: 2013-09-25 12:00 + versions: [<=1.12.6] +reference: composer://typo3-ter/realurl +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/rgsmoothgallery/2011-09-07.yaml b/typo3-ter/rgsmoothgallery/2011-09-07.yaml new file mode 100644 index 000000000..30191e235 --- /dev/null +++ b/typo3-ter/rgsmoothgallery/2011-09-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-008/ +cve: ~ +branches: + master: + time: 2011-09-07 12:00 + versions: [<=1.5.1] +reference: composer://typo3-ter/rgsmoothgallery +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/rlmp-eventdb/2008-05-13.yaml b/typo3-ter/rlmp-eventdb/2008-05-13.yaml new file mode 100644 index 000000000..070a40933 --- /dev/null +++ b/typo3-ter/rlmp-eventdb/2008-05-13.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080513-3: Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080513-3/ +cve: ~ +branches: + master: + time: 2008-05-13 12:00 + versions: [<=1.1.1] +reference: composer://typo3-ter/rlmp-eventdb +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sb-akronymmanager/2015-06-18.yaml b/typo3-ter/sb-akronymmanager/2015-06-18.yaml new file mode 100644 index 000000000..280786c55 --- /dev/null +++ b/typo3-ter/sb-akronymmanager/2015-06-18.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-014: SQL Injection in extension 'Akronymmanager' (sb_akronymmanager)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-014/ +cve: ~ +branches: + master: + time: 2015-06-18 12:00 + versions: [<=0.5.0] +reference: composer://typo3-ter/sb-akronymmanager +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/seminars/2012-07-03.yaml b/typo3-ter/seminars/2012-07-03.yaml new file mode 100644 index 000000000..5331fa38a --- /dev/null +++ b/typo3-ter/seminars/2012-07-03.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-010: Cross-site scripting vulnerability in extension Seminars (seminars)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-010/ +cve: ~ +branches: + master: + time: 2012-07-03 12:00 + versions: [<=0.9.3] +reference: composer://typo3-ter/seminars +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/seo-basics/2012-03-28.yaml b/typo3-ter/seo-basics/2012-03-28.yaml new file mode 100644 index 000000000..51faef6af --- /dev/null +++ b/typo3-ter/seo-basics/2012-03-28.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-006: Cross-Site Scripting vulnerability in extension Basic SEO Features (seo_basics)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-006/ +cve: ~ +branches: + master: + time: 2012-03-28 12:00 + versions: [<=0.8.1] +reference: composer://typo3-ter/seo-basics +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/seo-basics/2012-06-07.yaml b/typo3-ter/seo-basics/2012-06-07.yaml new file mode 100644 index 000000000..b0a40a393 --- /dev/null +++ b/typo3-ter/seo-basics/2012-06-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-007: SQL Injection vulnerability in extension Basic SEO Features (seo_basics)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-007/ +cve: ~ +branches: + master: + time: 2012-06-07 12:00 + versions: [<=0.8.2] +reference: composer://typo3-ter/seo-basics +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sg-zfelib/2008-05-27.yaml b/typo3-ter/sg-zfelib/2008-05-27.yaml new file mode 100644 index 000000000..77a4501e9 --- /dev/null +++ b/typo3-ter/sg-zfelib/2008-05-27.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080527-2: SQL Injection in extension 'Library for Frontend plugins' (sg_zfelib)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080527-2/ +cve: ~ +branches: + master: + time: 2008-05-27 12:00 + versions: [<=1.1.512] +reference: composer://typo3-ter/sg-zfelib +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/si-bibtex/2014-12-15.yaml b/typo3-ter/si-bibtex/2014-12-15.yaml new file mode 100644 index 000000000..c7e357566 --- /dev/null +++ b/typo3-ter/si-bibtex/2014-12-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-020: Multiple vulnerabilities in BibTex Publications (si_bibtex)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-020/ +cve: ~ +branches: + master: + time: 2014-12-15 12:00 + versions: [<=0.2.3] +reference: composer://typo3-ter/si-bibtex +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/solr/2013-09-25.yaml b/typo3-ter/solr/2013-09-25.yaml new file mode 100644 index 000000000..b096804bc --- /dev/null +++ b/typo3-ter/solr/2013-09-25.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-009: Several vulnerabilities in extension Apache Solr for TYPO3 (solr)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009/ +cve: ~ +branches: + master: + time: 2013-09-25 12:00 + versions: [<=2.8.2] +reference: composer://typo3-ter/solr +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sr-feuser-register/2010-04-14.yaml b/typo3-ter/sr-feuser-register/2010-04-14.yaml new file mode 100644 index 000000000..2676a6890 --- /dev/null +++ b/typo3-ter/sr-feuser-register/2010-04-14.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-009: Vulnerabilitiy in extension Frontend User Registration (sr_feuser_register)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-009/ +cve: ~ +branches: + master: + time: 2010-04-14 12:00 + versions: [<=2.5.24] +reference: composer://typo3-ter/sr-feuser-register +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sr-feuser-register/2010-07-28.yaml b/typo3-ter/sr-feuser-register/2010-07-28.yaml new file mode 100644 index 000000000..da3c4a007 --- /dev/null +++ b/typo3-ter/sr-feuser-register/2010-07-28.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-013: Vulnerabilitiy in extension Front End User Registration (sr_feuser_register)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-013/ +cve: ~ +branches: + master: + time: 2010-07-28 12:00 + versions: [>=2.5.25,<=2.5.25] +reference: composer://typo3-ter/sr-feuser-register +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sr-feuser-register/2012-02-23.yaml b/typo3-ter/sr-feuser-register/2012-02-23.yaml new file mode 100644 index 000000000..24a132bec --- /dev/null +++ b/typo3-ter/sr-feuser-register/2012-02-23.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2012-002: Information disclosure vulnerabilities in extension 'Front End User Registration' (sr_feuser_register)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002/ +cve: ~ +branches: + master: + time: 2012-02-23 12:00 + versions: [<=2.6.1] +reference: composer://typo3-ter/sr-feuser-register +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sr-feuser-register/2013-08-05.yaml b/typo3-ter/sr-feuser-register/2013-08-05.yaml new file mode 100644 index 000000000..e3a49f360 --- /dev/null +++ b/typo3-ter/sr-feuser-register/2013-08-05.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-011: Cross-Site Scripting vulnerability in extension Front End User Registration (sr_feuser_register)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-011/ +cve: ~ +branches: + master: + time: 2013-08-05 12:00 + versions: [<=3.0.1] +reference: composer://typo3-ter/sr-feuser-register +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/sr-sendcard/2008-07-01.yaml b/typo3-ter/sr-sendcard/2008-07-01.yaml new file mode 100644 index 000000000..7830a41f7 --- /dev/null +++ b/typo3-ter/sr-sendcard/2008-07-01.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080701-3: Multiple vulnerabilities in extension Send-A-Card (sr_sendcard)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080701-3/ +cve: ~ +branches: + master: + time: 2008-07-01 12:00 + versions: [<=2.2.2] +reference: composer://typo3-ter/sr-sendcard +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/static-info-tables/2013-02-19.yaml b/typo3-ter/static-info-tables/2013-02-19.yaml new file mode 100644 index 000000000..ea9ed54da --- /dev/null +++ b/typo3-ter/static-info-tables/2013-02-19.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2013-004: Cross-Site Scripting vulnerability in extension Static Info Tables (static_info_tables)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-004/ +cve: ~ +branches: + master: + time: 2013-02-19 12:00 + versions: [<=2.3.0] +reference: composer://typo3-ter/static-info-tables +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/t3adminer/2015-09-30.yaml b/typo3-ter/t3adminer/2015-09-30.yaml new file mode 100644 index 000000000..f9083a1b6 --- /dev/null +++ b/typo3-ter/t3adminer/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-018: Information Disclosure in extension 'Adminer' (t3adminer)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-018/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=7.0.1] +reference: composer://typo3-ter/t3adminer +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/t3blog/2010-02-01.yaml b/typo3-ter/t3blog/2010-02-01.yaml new file mode 100644 index 000000000..ee28bc42d --- /dev/null +++ b/typo3-ter/t3blog/2010-02-01.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-002: Multiple vulnerabilities in extension T3BLOG (t3blog)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-002/ +cve: ~ +branches: + master: + time: 2010-02-01 12:00 + versions: [<=0.6.2] +reference: composer://typo3-ter/t3blog +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/t3blog/2011-09-27.yaml b/typo3-ter/t3blog/2011-09-27.yaml new file mode 100644 index 000000000..22651a080 --- /dev/null +++ b/typo3-ter/t3blog/2011-09-27.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-013: Cross-Site scripting vulnerability in extension t3blog (t3blog)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-013/ +cve: ~ +branches: + master: + time: 2011-09-27 12:00 + versions: [<=1.1.1] +reference: composer://typo3-ter/t3blog +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/t3m/2009-08-18.yaml b/typo3-ter/t3m/2009-08-18.yaml new file mode 100644 index 000000000..b418d318d --- /dev/null +++ b/typo3-ter/t3m/2009-08-18.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-012: Blind SQL Injection vulnerability in extension T3M E-Mail Marketing Tool (t3m)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-012/ +cve: ~ +branches: + master: + time: 2009-08-18 12:00 + versions: [<=0.2.4] +reference: composer://typo3-ter/t3m +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/t3quixplorer/2015-09-30.yaml b/typo3-ter/t3quixplorer/2015-09-30.yaml new file mode 100644 index 000000000..4dee1eb4e --- /dev/null +++ b/typo3-ter/t3quixplorer/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-020: Cross-Site Request Forgery in extension 'Typo3 Quixplorer' (t3quixplorer)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-020/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=1.7.2] +reference: composer://typo3-ter/t3quixplorer +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/th-mailformplus/2008-05-05.yaml b/typo3-ter/th-mailformplus/2008-05-05.yaml new file mode 100644 index 000000000..1ba5d8699 --- /dev/null +++ b/typo3-ter/th-mailformplus/2008-05-05.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080505-1: Multiple vulnerabilities in extension MailformPlus (th_mailformplus)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080505-1/ +cve: ~ +branches: + master: + time: 2008-05-05 12:00 + versions: [<=4.0.3] +reference: composer://typo3-ter/th-mailformplus +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/th-mailformplus/2011-09-07.yaml b/typo3-ter/th-mailformplus/2011-09-07.yaml new file mode 100644 index 000000000..dfcbe9b36 --- /dev/null +++ b/typo3-ter/th-mailformplus/2011-09-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-009/ +cve: ~ +branches: + master: + time: 2011-09-07 12:00 + versions: [<=4.0.15] +reference: composer://typo3-ter/th-mailformplus +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/tipafriend/2010-04-14.yaml b/typo3-ter/tipafriend/2010-04-14.yaml new file mode 100644 index 000000000..26b520275 --- /dev/null +++ b/typo3-ter/tipafriend/2010-04-14.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2010-010: Vulnerabilitiy in extension Tip-A-Friend (tipafriend)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2010-010/ +cve: ~ +branches: + master: + time: 2010-04-14 12:00 + versions: [>=1.2.3,<=1.2.3] +reference: composer://typo3-ter/tipafriend +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/tt-news/2014-02-12.yaml b/typo3-ter/tt-news/2014-02-12.yaml new file mode 100644 index 000000000..d180424cd --- /dev/null +++ b/typo3-ter/tt-news/2014-02-12.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-003: Insecure Unserialize in extension News (tt_news)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-003/ +cve: ~ +branches: + master: + time: 2014-02-12 12:00 + versions: [<=3.5.1] +reference: composer://typo3-ter/tt-news +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/ve-guestbook/2009-06-16.yaml b/typo3-ter/ve-guestbook/2009-06-16.yaml new file mode 100644 index 000000000..7bb1e856f --- /dev/null +++ b/typo3-ter/ve-guestbook/2009-06-16.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2009-009: Cross-Site Scripting vulnerability in extension Modern Guestbook / Commenting System (ve_guestbook)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2009-009/ +cve: ~ +branches: + master: + time: 2009-06-16 12:00 + versions: [<=2.7.1] +reference: composer://typo3-ter/ve-guestbook +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/webdav/2014-11-27.yaml b/typo3-ter/webdav/2014-11-27.yaml new file mode 100644 index 000000000..f26ec24c4 --- /dev/null +++ b/typo3-ter/webdav/2014-11-27.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-017: Improper Access Control in WebDav for filemounts (webdav)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-017/ +cve: ~ +branches: + master: + time: 2014-11-27 12:00 + versions: [>=2.0.0,<=2.0.0] +reference: composer://typo3-ter/webdav +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/wec-discussion/2008-07-01.yaml b/typo3-ter/wec-discussion/2008-07-01.yaml new file mode 100644 index 000000000..95fe75b48 --- /dev/null +++ b/typo3-ter/wec-discussion/2008-07-01.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-20080701-4: Multiple vulnerabilities in extension WEC Discussion Forum (wec_discussion)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-20080701-4/ +cve: ~ +branches: + master: + time: 2008-07-01 12:00 + versions: [<=1.6.2] +reference: composer://typo3-ter/wec-discussion +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/wec-discussion/2011-04-07.yaml b/typo3-ter/wec-discussion/2011-04-07.yaml new file mode 100644 index 000000000..4dea8bc67 --- /dev/null +++ b/typo3-ter/wec-discussion/2011-04-07.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-SA-2011-003: SQL Injection vulnerabilities in extension 'WEC Discussion Forum' (wec_discussion)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-sa-2011-003/ +cve: ~ +branches: + master: + time: 2011-04-07 12:00 + versions: [<=2.1.0] +reference: composer://typo3-ter/wec-discussion +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/wf-gallery/2014-12-15.yaml b/typo3-ter/wf-gallery/2014-12-15.yaml new file mode 100644 index 000000000..c15b1f3a0 --- /dev/null +++ b/typo3-ter/wf-gallery/2014-12-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-021: Cross-Site Scripting vulnerability in wfGallery (wf_gallery)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-021/ +cve: ~ +branches: + master: + time: 2014-12-15 12:00 + versions: [<=1.0.3] +reference: composer://typo3-ter/wf-gallery +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/wt-directory/2015-06-15.yaml b/typo3-ter/wt-directory/2015-06-15.yaml new file mode 100644 index 000000000..0dd131e8f --- /dev/null +++ b/typo3-ter/wt-directory/2015-06-15.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-008: SQL Injection vulnerability in extension wt_directory (wt_directory)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-008/ +cve: ~ +branches: + master: + time: 2015-06-15 12:00 + versions: [<=1.4.1] +reference: composer://typo3-ter/wt-directory +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/yag/2014-02-12.yaml b/typo3-ter/yag/2014-02-12.yaml new file mode 100644 index 000000000..a6d025b77 --- /dev/null +++ b/typo3-ter/yag/2014-02-12.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2014-005: Access Bypass in extensions 'Yet Another Gallery' (yag) and 'Tools for Extbase development' (pt_extbase)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-005/ +cve: ~ +branches: + master: + time: 2014-02-12 12:00 + versions: [<=3.0.0] +reference: composer://typo3-ter/yag +composer-repository: https://composer.typo3.org diff --git a/typo3-ter/zend-framework/2015-09-30.yaml b/typo3-ter/zend-framework/2015-09-30.yaml new file mode 100644 index 000000000..3b8cc165c --- /dev/null +++ b/typo3-ter/zend-framework/2015-09-30.yaml @@ -0,0 +1,9 @@ +title: "TYPO3-EXT-SA-2015-019: File Disclosure in extension 'Zend Framework Integration' (zend_framework)" +link: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-019/ +cve: ~ +branches: + master: + time: 2015-09-30 12:00 + versions: [<=1.7.6] +reference: composer://typo3-ter/zend-framework +composer-repository: https://composer.typo3.org