A notice was sent out by Joomla today:
http://developer.joomla.org/security/news
Quote
[20130202] - Core - Information Disclosure
Posted: 08 Oct 2012 02:09 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 3.0.2 and earlier 3.0.x versions.
Exploit type: Information disclosure
Reported Date: 2013-January-16
Fixed Date: 2013-February-4
CVE Number: CVE-2013-1455
Description
Undefined variable caused information disclosure in some situations.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions.
Solution
Upgrade to version 3.0.3.
Reported by Mark Dexter
Contact
The JSST at the Joomla! Security Center.
[20130203] - Core - Information Disclosure
Posted: 08 Oct 2012 02:09 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 3.0.2 and earlier 3.0.x versions.
Exploit type: Information disclosure
Reported Date: 2013-January-13
Fixed Date: 2013-February-4
CVE Number: CVE-2013-1454
Description
Coding errors led to information disclosure in some situations.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions.
Solution
Upgrade to version 3.0.3.
Reported by Stergios Kolios
Contact
The JSST at the Joomla! Security Center.
[20130201] - Core - Information Disclosure
Posted: 08 Oct 2012 02:09 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
Exploit type: Information disclosure
Reported Date: 2012-October-31
Fixed Date: 2013-February-4
CVE Number: CVE-2013-1453
Description
Method of encoding search terms led to possible information disclosure.
Affected Installs
Joomla! version 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
Solution
Upgrade to version 3.0.3 or 2.5.9.
Reported by Egidio Romano
Contact
The JSST at the Joomla! Security Center.