Описание
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 4.0.4-1 |
| cosmic | not-affected | 4.0.4-1 |
| devel | not-affected | 4.0.4-1 |
| disco | not-affected | 4.0.4-1 |
| eoan | not-affected | 4.0.4-1 |
| esm-apps/bionic | not-affected | 4.0.4-1 |
| esm-apps/focal | not-affected | 4.0.4-1 |
| esm-apps/jammy | not-affected | 4.0.4-1 |
| esm-apps/noble | not-affected | 4.0.4-1 |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
4.4 Medium
CVSS3
Связанные уязвимости
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3 ...
Tryton allow authenticated users with certain permissions to read arbitrary files via the name parameter
Security update for GNU Health and it's dependencies
EPSS
4 Medium
CVSS2
4.4 Medium
CVSS3