The Image module in Drupal 7.x prior to 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote malicious users to read derivative images of otherwise restricted images via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 7.0 |
||
drupal drupal 7.2 |
||
drupal drupal 7.1 |
||
drupal drupal 7.15 |
||
drupal drupal 7.5 |
||
drupal drupal 7.4 |
||
drupal drupal 7.7 |
||
drupal drupal 7.6 |
||
drupal drupal 7.16 |
||
drupal drupal 7.14 |
||
drupal drupal 7.x-dev |
||
drupal drupal 7.12 |
||
drupal drupal 7.9 |
||
drupal drupal 7.11 |
||
drupal drupal 7.17 |
||
drupal drupal 7.18 |
||
drupal drupal 7.13 |
||
drupal drupal 7.3 |
||
drupal drupal 7.8 |
||
drupal drupal 7.10 |