CVE-2012-1591
Publication date 1 October 2012
Last updated 24 July 2024
Ubuntu priority
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
Status
Package | Ubuntu Release | Status |
---|---|---|
drupal5 | ||
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
drupal6 | ||
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
drupal7 | ||
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty |
Not affected
|
|