CVE-2021-31865
28.04.2021, 07:15
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments.Enginsight
| Vendor | Product | Version |
|---|---|---|
| redmine | redmine | 𝑥 < 4.0.9 |
| redmine | redmine | 4.1.0 ≤ 𝑥 < 4.1.3 |
| redmine | redmine | 4.2.0 ≤ 𝑥 < 4.2.1 |
| debian | debian_linux | 9.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References