CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
craig_drummondcantata
𝑥
≤ 1.2.1
craig_drummondcantata
0.7.0
craig_drummondcantata
0.7.1
craig_drummondcantata
0.8.0
craig_drummondcantata
0.8.1
craig_drummondcantata
0.8.2
craig_drummondcantata
0.8.3
craig_drummondcantata
0.8.3.1
craig_drummondcantata
0.9.0
craig_drummondcantata
0.9.1
craig_drummondcantata
0.9.2
craig_drummondcantata
1.0.0
craig_drummondcantata
1.0.1
craig_drummondcantata
1.0.2
craig_drummondcantata
1.0.3
craig_drummondcantata
1.1.0
craig_drummondcantata
1.1.1
craig_drummondcantata
1.1.2
craig_drummondcantata
1.1.3
craig_drummondcantata
1.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cantata
bullseye
2.4.2.ds1-1
fixed
bookworm
2.5.0.ds1-1
fixed
sid
2.5.0.ds1-3
fixed
trixie
2.5.0.ds1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cantata
trusty
dne
saucy
ignored
raring
ignored
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://seclists.org/oss-sec/2014/q1/121
http://seclists.org/oss-sec/2014/q1/124
https://code.google.com/p/cantata/issues/detail?id=356
http://seclists.org/oss-sec/2014/q1/121
http://seclists.org/oss-sec/2014/q1/124
https://code.google.com/p/cantata/issues/detail?id=356