CVE-2012-5651
Published: 3 January 2013
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
Priority
Status
Package | Release | Status |
---|---|---|
drupal6 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.27)
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
drupal7 Launchpad, Ubuntu, Debian |
trusty |
Not vulnerable
(7.22-1)
|
vivid |
Not vulnerable
(7.22-1)
|
|
hardy |
Does not exist
|
|
lucid |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Not vulnerable
(7.22-1)
|
|
saucy |
Not vulnerable
(7.22-1)
|
|
upstream |
Released
(7.18)
|
|
utopic |
Not vulnerable
(7.22-1)
|
|
wily |
Not vulnerable
(7.22-1)
|
|
xenial |
Not vulnerable
(7.22-1)
|
|
yakkety |
Not vulnerable
(7.22-1)
|
|
zesty |
Not vulnerable
(7.22-1)
|