CVE-2013-7301

EUVD-2013-7078
Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
craig_drummondcantata
𝑥
≤ 1.2.1
craig_drummondcantata
0.7.0
craig_drummondcantata
0.7.1
craig_drummondcantata
0.8.0
craig_drummondcantata
0.8.1
craig_drummondcantata
0.8.2
craig_drummondcantata
0.8.3
craig_drummondcantata
0.8.3.1
craig_drummondcantata
0.9.0
craig_drummondcantata
0.9.1
craig_drummondcantata
0.9.2
craig_drummondcantata
1.0.0
craig_drummondcantata
1.0.1
craig_drummondcantata
1.0.2
craig_drummondcantata
1.0.3
craig_drummondcantata
1.1.0
craig_drummondcantata
1.1.1
craig_drummondcantata
1.1.2
craig_drummondcantata
1.1.3
craig_drummondcantata
1.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cantata
bookworm
2.5.0.ds1-1
fixed
bullseye
2.4.2.ds1-1
fixed
sid
2.5.0.ds1-3
fixed
trixie
2.5.0.ds1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cantata
lucid
dne
precise
dne
quantal
dne
raring
ignored
saucy
ignored
trusty
dne
Common Weakness Enumeration
References
http://seclists.org/oss-sec/2014/q1/121
http://seclists.org/oss-sec/2014/q1/124
https://code.google.com/p/cantata/issues/detail?id=356
http://seclists.org/oss-sec/2014/q1/121
http://seclists.org/oss-sec/2014/q1/124
https://code.google.com/p/cantata/issues/detail?id=356