{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T08:10:34.685","vulnerabilities":[{"cve":{"id":"CVE-2014-6275","sourceIdentifier":"security@debian.org","published":"2020-01-02T22:15:11.317","lastModified":"2026-06-17T00:12:49.327","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If project webpages are hosted on the same server than FusionForge, it can allow users to incorrectly access on-disk private data in FusionForge."},{"lang":"es","value":"FusionForge versiones anteriores a la versión 5.3.2, utiliza scripts que se ejecutan bajo el usuario de Apache compartido, que es también usado en las páginas de inicio del proyecto por defecto. Si las páginas web del proyecto están alojadas en el mismo servidor que FusionForge, puede permitir a usuarios acceder incorrectamente a datos privados en disco en FusionForge."}],"affected":[{"source":"security@debian.org","affectedData":[{"vendor":"Red Hat","product":"FusionForge","versions":[{"version":"before 5.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fusionforge:fusionforge:*:*:*:*:*:*:*:*","versionEndExcluding":"5.3.2","matchCriteriaId":"E346ABFE-356E-4927-B490-F74FB6CF4A91"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]}],"references":[{"url":"http://lists.fusionforge.org/pipermail/fusionforge-general/2014-September/002824.html","source":"security@debian.org","tags":["Mailing List","Tool Signature"]},{"url":"https://security-tracker.debian.org/tracker/CVE-2014-6275","source":"security@debian.org","tags":["Third Party Advisory"]},{"url":"http://lists.fusionforge.org/pipermail/fusionforge-general/2014-September/002824.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Tool Signature"]},{"url":"https://security-tracker.debian.org/tracker/CVE-2014-6275","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}