{"id":"CVE-2019-11832","details":"TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.","aliases":["GHSA-3w4h-r27h-4r2w"],"modified":"2026-04-11T17:19:15.587992Z","published":"2019-05-09T05:29:01.957Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/108305"},{"type":"ADVISORY","url":"https://typo3.org/security/advisory/typo3-core-sa-2019-012/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/TYPO3/typo3","events":[{"introduced":"a9a68ed6a41c86e6d46629c15ca4bdffe85344f1"},{"fixed":"3ca26fbd711b62db4cc6df5ff7b98d4a99b14670"},{"introduced":"41235ff8e38c6f3401df03ae8beddd62d662c525"},{"fixed":"77f092b4b9a9690fbd033ee8e2e9112f3ea7e08f"}],"database_specific":{"cpe":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"8.0.0"},{"fixed":"8.7.25"},{"introduced":"9.0.0"},{"fixed":"9.5.6"}]}}],"versions":["8.0.0","8.1.0","8.2.0","8.3.0","8.4.0","8.5.0","8.6.0","8.7.0","8.7.1","8.7.10","8.7.11","8.7.12","8.7.13","8.7.14","8.7.15","8.7.16","8.7.17","8.7.18","8.7.19","8.7.2","8.7.20","8.7.21","8.7.22","8.7.23","8.7.24","8.7.4","8.7.5","8.7.6","8.7.7","8.7.8","8.7.9","TYPO3_8-0-0","TYPO3_8-1-0","TYPO3_8-2-0","TYPO3_8-3-0","TYPO3_8-4-0","TYPO3_8-5-0","TYPO3_8-6-0","TYPO3_8-7-0","TYPO3_8-7-1","TYPO3_8-7-10","TYPO3_8-7-11","TYPO3_8-7-12","TYPO3_8-7-13","TYPO3_8-7-14","TYPO3_8-7-15","TYPO3_8-7-16","TYPO3_8-7-17","TYPO3_8-7-18","TYPO3_8-7-19","TYPO3_8-7-2","TYPO3_8-7-20","TYPO3_8-7-21","TYPO3_8-7-22","TYPO3_8-7-23","TYPO3_8-7-24","TYPO3_8-7-4","TYPO3_8-7-5","TYPO3_8-7-6","TYPO3_8-7-7","TYPO3_8-7-8","TYPO3_8-7-9","v8.7.10","v8.7.11","v8.7.12","v8.7.13","v8.7.14","v8.7.15","v8.7.16","v8.7.17","v8.7.18","v8.7.19","v8.7.20","v8.7.21","v8.7.22","v8.7.23","v8.7.24","v8.7.4","v8.7.5","v8.7.6","v8.7.7","v8.7.8","v8.7.9","v9.0.0","v9.1.0","v9.2.0","v9.3.0","v9.4.0","v9.5.0","v9.5.1","v9.5.2","v9.5.3","v9.5.4","v9.5.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-11832.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}