4 matches found
Debian DSA-4191-1 : redmine - security update
Multiple vulnerabilities were discovered in Redmine, a project management web application. They could lead to remote code execution, information disclosure or cross-site scripting attacks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2017-15575
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact...
CVE-2017-15575
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact...
CVE-2017-15575
CVE-2017-15575 affects Redmine prior to 3.2.6 and 3.3.x prior to 3.3.3. Root cause: Redmine.pm does not verify if the Repository module is enabled in a project’s settings, allowing remote attackers to obtain sensitive diff information (and possibly other impact). Impact: information disclosure. M...