Vulnerability Database

290,300

Total vulnerabilities in the database

CVE-2014-6276

schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.

  • Published: Apr 13, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-6276
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
roundup-tracker / roundup - 1.5.0.x
debian / debian_linux 8.0 8.0.x
debian / debian_linux 7.0 7.0.x