Is Contao 4.12.7 patched?
Current stable (5.7.7): 100/100
4.12.7 has 2 open critical-or-high vulnerabilities. Run 4.13.49 or later to clear them.
Summary
Plain-English security status for Contao 4.12.7, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Contao 4.12.7 is part of the 4.12 release line. 14 known vulnerabilities affect it. The minimum safe version is 4.13.49 — upgrade to it or later to clear the open critical/high issues. The 4.12 line reached end-of-life on 2022-01-14, so it no longer receives security patches. The latest supported Contao release is 5.7.7.
Known issues affecting 4.12.7
Exploited first, then by exploitation probability.
CVE-2023-29200 MEDIUM EPSS 1% → fixed in 5.1.4
CVE-2024-28235 HIGH EPSS 1% → fixed in 5.3.4
CVE-2024-28234 MEDIUM EPSS 1% → fixed in 5.3.4
CVE-2023-36806 MEDIUM EPSS 1% → fixed in 5.1.10
CVE-2024-45398 HIGH EPSS 1% → fixed in 5.4.3
CVE-2024-28190 MEDIUM EPSS 1% → fixed in 5.3.4
CVE-2024-28191 LOW EPSS 0% → fixed in 5.3.4
CVE-2024-30262 MEDIUM EPSS 0% → fixed in 4.13.40
CVE-2024-45604 MEDIUM EPSS 0% → fixed in 4.13.49
CVE-2024-45965 MEDIUM EPSS 0% → fixed in 5.5.6
CVE-2025-57756 MEDIUM EPSS 0% → fixed in 5.6.1
CVE-2025-29790 MEDIUM EPSS 0% → fixed in 5.5.6
CVE-2025-65960 MEDIUM EPSS 0% → fixed in 5.6.5
CVE-2025-65961 LOW EPSS 0% → fixed in 5.6.5
Frequently asked
Is Contao 4.12.7 patched?
Contao 4.12.7 is end-of-life and no longer receives security patches. Move to 5.7.7.
What version should I upgrade Contao 4.12.7 to?
Upgrade Contao 4.12.7 to at least 4.13.49 to clear its 2 open critical-or-high vulnerabilities.
When does Contao 4.12 reach end-of-life?
Contao 4.12 reached end-of-life on 2022-01-14 and no longer receives security patches.
What is the latest version of Contao?
The latest supported Contao release is 5.7.7.
Is Contao 4.12.7 still receiving security updates?
No — Contao 4.12.7 is on the 4.12 line, which reached end-of-life on 2022-01-14 and no longer receives security updates. Upgrade to 5.7.7 or later to stay supported.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Contao's official advisory before you patch or upgrade.