4 matches found
PT-2025-6187 · Unknown · Octopus Server
Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The preview import feature in affected versions of Octopus Server could be used to identify the existence of a target file, providing an adversary with information that may aid in...
CVE-2023-32979
Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system...
PYSEC-2021-98
Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...
sudo.info.txt
Date: Tue, 8 Jun 1999 21:23:55 +0200 From: Bencsath Boldizsar To: [email protected] Subject: unneeded information in sudo Sudo debian , v1.5.6p2-2 tells anyone if a file exists or not. It's not a very big problem, but when i set a directory not accessible to anyone but root, I want to make sur...