Описание
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
Уязвимые конфигурации
Конфигурация 1Версия до 2.1b2 (включая)
Одно из
cpe:2.3:a:turbogears:turbogears2:*:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a4:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7b1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7b2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b5:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b6:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b7:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1b1:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
около 15 лет назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
debian
около 15 лет назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 expos ...
github
больше 3 лет назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
EPSS
Процентиль: 53%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo