Описание
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Issue Tracking
- Third Party Advisory
- Vendor Advisory
- Issue Tracking
Уязвимые конфигурации
Одно из
Одно из
Одно из
Одно из
EPSS
4.4 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3 ...
Tryton allow authenticated users with certain permissions to read arbitrary files via the name parameter
Security update for GNU Health and it's dependencies
EPSS
4.4 Medium
CVSS3
4 Medium
CVSS2