Lucene search
K

7 matches found

OSV
OSV
added 2025/11/12 8:16 p.m.6 views

DRUPAL-CORE-2025-008

The core system module handles downloads of private and temporary files. Contrib modules can define additional kinds of files schemes that may also be handled by the system module. In some cases, files may be served with the HTTP header Cache-Control: public when they should be uncacheable. This...

3.7CVSS6.5AI score0.00249EPSS
Exploits0References1
Drupal
Drupal
added 2025/11/12 12:0 a.m.11 views

Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008

The core system module handles downloads of private and temporary files. Contrib modules can define additional kinds of files schemes that may also be handled by the system module. In some cases, files may be served with the HTTP header Cache-Control: public when they should be uncacheable. This...

3.7CVSS5.5AI score0.00249EPSS
Exploits0References7
OSV
OSV
added 2023/04/26 2:15 p.m.1 views

UBUNTU-CVE-2022-25275

In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However,...

7.5CVSS5.7AI score0.00667EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/26 12:0 a.m.43 views

CVE-2022-25275

In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However,...

7.5AI score0.00667EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/26 12:0 a.m.8 views

CVE-2022-25275

In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However,...

7.5AI score0.00667EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/06 12:0 a.m.4 views

PT-2022-17184 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal versions prior to the fixed version Description: The Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access ...

7.5CVSS7.3AI score0.00667EPSS
Exploits0References14
OSV
OSV
added 2022/07/20 3:34 p.m.5 views

DRUPAL-CORE-2022-012

In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However,...

7.5CVSS6.6AI score0.00667EPSS
Exploits0References1
Rows per page
Query Builder