First published: Tue Sep 24 2019(Updated: )
CVE-2019-16409: Secureassets and versionedfiles modules can expose versions of protected files
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/silverstripe/framework | >=4.0.0<4.3.5>=4.4.0<4.4.4 | |
Silverstripe silverstripe | >=3.0.0<=3.7.4 | |
Symbiote Versionedfiles | <=2.0.3 | |
composer/silverstripe/framework | >=4.4.0<4.4.4 | 4.4.4 |
composer/silverstripe/framework | >=4.0.0<4.3.5 | 4.3.5 |
composer/symbiote/silverstripe-versionedfiles | <=2.0.3 | |
>=3.0.0<=3.7.4 | ||
<=2.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-16409 is a vulnerability in the Secureassets and versionedfiles modules that can expose versions of protected files.
The CVE-2019-16409 vulnerability affects Silverstripe framework versions 4.0.0 to 4.3.5 and 4.4.0 to 4.4.4.
CVE-2019-16409 can be exploited by attackers to access versions of protected files through the Secureassets and versionedfiles modules.
CVE-2019-16409 is a medium severity vulnerability.
To fix CVE-2019-16409, update the Silverstripe framework to version 4.3.6 or 4.4.5, which include the necessary security patches.