Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.6 views

CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

6.5CVSS6.7AI score0.0054EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-31250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they...

6.5CVSS6.5AI score0.0054EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/26 12:0 a.m.11 views

CVE-2023-31250 Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...

6.5AI score0.0054EPSS
Exploits0References1
CVE
CVE
added 2023/04/26 12:0 a.m.129 views

CVE-2023-31250

Drupal core contains a path traversal vulnerability in the file download facility caused by insufficient sanitization of file paths. This can lead to unauthorized access to private files (high confidentiality impact). Affected: Drupal core; vulnerability tracked as SA-CORE-2023-005 (CVE-2023-3125...

6.5CVSS6.3AI score0.0054EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder