sjbr/sr-freecap
Packagist2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting sjbr/sr-freecappage 1 of 1
- CVE-2009-3818NONECVSS 0.0EG 0.0✓ Fixed in 1.2.22009-10-28
Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors.
- CVE-2019-16699CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.4.62019-10-16
vulnerable: 2.3.1, 2.4.0, 2.4.4, 2.4.5
The sr_freecap (aka freeCap CAPTCHA) extension 2.4.5 and below and 2.5.2 and below for TYPO3 fails to sanitize user input, which allows execution of arbitrary Extbase actions, resulting in Remote Code Execution.
Check whether sjbr/sr-freecap is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for sjbr/sr-freecap CVEs against the assets you own.
Start Free Scan →