ASA-2019-00415 – TYPO3: Possible deserialization side-effects in symfony/cache

Identifier(s) ASA-2019-00415, CVE-2019-10912, TYPO3-CORE-SA-2019-016 Title Possible deserialization side-effects in symfony/cache Vendor(s) TYPO3 Association Product(s) TYPO3 CMS Affected version(s) TYPO3 CMS versions 9.4.0 to 9.5.7 Fixed version(s) TYPO3 CMS version 9.5.8 Proof of concept Unknown Description Third party component symfony/cache could have been potentially leading to removal of arbitrary files in combination with other insecure deserialization … Continue reading ASA-2019-00415 – TYPO3: Possible deserialization side-effects in symfony/cache