Описание
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| hardy | DNE | |
| lucid | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 7.22-1 |
| esm-apps/xenial | not-affected | 7.22-1 |
| esm-infra-legacy/trusty | not-affected | 7.22-1 |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | not-affected | 7.22-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.
The Image module in Drupal 7.x before 7.19, when a private file system ...
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.
EPSS
4.3 Medium
CVSS2