CVE-2024-45440
Publication date 29 August 2024
Last updated 4 September 2024
Ubuntu priority
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
Status
Package | Ubuntu Release | Status |
---|---|---|
drupal7 | 24.04 LTS noble | Not in release |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
16.04 LTS xenial |
Needs evaluation
|
|
14.04 LTS trusty |
Needs evaluation
|