Опубликовано: 12 апр. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.1
Описание
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 6.38 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | DNE |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | not-affected | |
| precise | not-affected | |
| precise/esm | DNE | precise was not-affected |
| trusty | not-affected | |
| trusty/esm | not-affected | |
| upstream | not-affected | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
10
EPSS
Процентиль: 92%
0.08219
Низкий
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
nvd
почти 10 лет назад
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
CVSS3: 8.1
debian
почти 10 лет назад
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before ...
EPSS
Процентиль: 92%
0.08219
Низкий
6.8 Medium
CVSS2
8.1 High
CVSS3