Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "redmine", "binary_version": "3.4.2-1" }, { "binary_name": "redmine-mysql", "binary_version": "3.4.2-1" }, { "binary_name": "redmine-pgsql", "binary_version": "3.4.2-1" }, { "binary_name": "redmine-sqlite", "binary_version": "3.4.2-1" } ] }