Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012
|
System information
|
|
|
Affected software |
Drupal |
Description
|
Project: Drupal coreDate: 2022-July-20Security risk: Moderately critical 13∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Information DisclosureAffected versions: >=7.0 = 8.0.0 = 9.4.0 CVE IDs: CVE-2022-25275Description: In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system.Access to a non-public file is checked
More info:
https://www.drupal.org/sa-core-2022-012 |
Standar resources
|
Property |
Value |
CVE |
CVE-2022-25275. |