Your submission was sent successfully! Close

CVE-2015-8748

Published: 3 February 2016

Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".

Priority

Medium

CVSS 3 base score: 5.3

Status

Package Release Status
radicale
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1.1.1-1)
cosmic Not vulnerable
(1.1.1-1)
disco Not vulnerable
(1.1.1-1)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was needed)
upstream
Released (0.9-1+deb8u1, 1.1.1-1)
vivid
Released (0.9-1+deb8u1build0.15.04.1)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(1.1.1-1)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)