CVE-2019-12903

NONE EPSS 56.2%
Published Jun 20, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jun 20, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails to handle this and includes the database column/table name as pert of the error message, exposing sensitive information.

Threat Intelligence

EPSS Exploit Probability
56.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-209

Affected Products 1

VendorProductVersionRange
pydiocells* <1.5.0

References 2

  • pydio.com https://pydio.com/en/community/releases/pydio-cells/pydio-cells-150-performances-features-security
    Release NotesVendor Advisory
  • research.loginsoft.com https://research.loginsoft.com/vulnerability/multiple-vulnerabilities-in-pydio-cells-1-4-1/
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.