CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2013-0246 — MEDIUM severity vulnerability | Release Alert
CVE-2013-0246
4.3
MEDIUMCVSS v2
Published
July 16, 2013
Affected
2 projects
Assigned by
Red Hat
Severity scale
010
Description
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.
GitHubVerbatim mirror of the git.drupal.org repository for Drupal core. Please see the https://github.com/drupal/drupal#contributing. PRs are not accepted on GitHub.