Medium severity4.3NVD Advisory· Published Apr 13, 2016· Updated Jun 17, 2026
CVE-2014-6276
CVE-2014-6276
Description
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
roundupPyPI | < 1.5.1 | 1.5.1 |
Affected products
5- Range: <1.5.1
Patches
Vulnerability mechanics
References
6- sourceforge.net/p/roundup/code/ci/tip/tree/CHANGES.txtnvdPatchWEB
- github.com/advisories/GHSA-j556-q367-2gw6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-6276ghsaADVISORY
- hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9nvdWEB
- www.debian.org/security/2016/dsa-3502nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/roundup/PYSEC-2016-33.yamlghsaWEB
News mentions
0No linked articles in our index yet.