Описание
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
Уязвимые конфигурации
Конфигурация 1Версия до 2.1b2 (включая)
Одно из
cpe:2.3:a:turbogears:turbogears2:*:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7a4:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7b1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:1.9.7b2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b5:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b6:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.0b7:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a1:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a2:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1a3:*:*:*:*:*:*:*
cpe:2.3:a:turbogears:turbogears2:2.1b1:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
больше 15 лет назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
debian
больше 15 лет назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 expos ...
github
почти 4 года назад
The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
EPSS
Процентиль: 52%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo