[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE Request for Drupal Core
From:       cve-assign () mitre ! org
Date:       2014-04-22 1:18:13
Message-ID: 201404220118.s3M1IDQL029245 () linus ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> SA-CORE-2014-002 - Drupal core - Information Disclosure
> https://drupal.org/SA-CORE-2014-002

> Drupal's form API ... When pages are cached ... there is a chance that
> interim form input recorded for one anonymous user (which may include
> sensitive or private information, depending on the nature of the form)
> will be disclosed to other users interacting with the same form at the
> same time

Use CVE-2014-2983.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTVcMIAAoJEKllVAevmvmsOhMH/jxUssmaa2sl7LFx/mA3jg46
mSI/dHm9v5ONYa14zoXi2DAEi8birAKjbIgtz/b2kd9Q5RVCzD5qVQiTIjYgQCFD
w5VkFkxZp33sG5HsgBGbpQPbHX+M0inHqvH3j4XE36w0QZ8rtNwehWIb/alZoqw2
M4U6OyC6fEUgsJuoeIxg+zvJFYniWOQFI1y5t/XZ6NaTEHyXK85wabaNEuzt4t2O
V+zXgdO1gAudEbvYe9kAJ81tcxv9rYXUhpmxePlF5mkQxIDU9RevgRAaCjpvUO/J
SThzZT7mBZbUSd7xubU7B2EGGx9JWqKOTKG0KRG4EKkZ+aHpH7UcjOFKUjrxGBY=
=vHDf
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]