Lucene search
PRIOn knowledge basePRION:CVE-2019-13981HistoryJul 19, 2019 - 3:15 p.m.
Design/Logic Flaw
2019-07-1915:15:00
PRIOn knowledge base
www.prio-n.com
3
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory. This is related to a configuration option in which the file collection can be non-public, but this option does not apply to the thumbnailer.
| CPE | Name | Operator | Version |
|---|---|---|---|
| directus_7_api | le | 2.3.0 |
Related
osv
osv
CVE-2019-13981
2019-07-19 15:15:12
cve
cve
CVE-2019-13981
2019-07-19 15:15:12
cvelist
cvelist
CVE-2019-13981
2019-07-19 14:17:58
nvd
nvd
CVE-2019-13981
2019-07-19 15:15:12