VYPR
Unrated severityNVD Advisory· Published Apr 22, 2019· Updated Sep 16, 2024

get_file_by_name does not check owner

CVE-2014-1426

Description

A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Canonical/Maasllm-fuzzy
    Range: <1.9.2
  • Ubuntu/maasv5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.