Allele Security Alert
ASA-2019-00415, CVE-2019-10912, TYPO3-CORE-SA-2019-016
Possible deserialization side-effects in symfony/cache
TYPO3 CMS versions 9.4.0 to 9.5.7
TYPO3 CMS version 9.5.8
Proof of concept
Third party component symfony/cache could have been potentially leading to removal of arbitrary files in combination with other insecure deserialization vulnerabilities.
TYPO3 9.5.8 and 8.7.27 security releases published
TYPO3-CORE-SA-2019-016: Possible deserialization side-effects in symfony/cache
[TYPO3-announce] Announcing TYPO3 v9.5.8 and v8.7.27 security releases
CVE-2019-10912: Prevent destructors with side-effects from being unserialized
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: July 11, 2019