| 0 |
| url |
VCID-163u-tpj9-skc5 |
| vulnerability_id |
VCID-163u-tpj9-skc5 |
| summary |
Cross-site Scripting vulnerability in drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.12 |
| purl |
pkg:composer/drupal/core@8.6.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 2 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 7 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 8 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 9 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 10 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 11 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 12 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 13 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 14 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 15 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 16 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 17 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 18 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 19 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 20 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 21 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 22 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 23 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 24 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 25 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 26 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 27 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 28 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 29 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 30 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 31 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 32 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 33 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 34 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.12 |
|
|
| aliases |
GMS-2019-147
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-163u-tpj9-skc5 |
|
| 1 |
| url |
VCID-1jfe-j1fz-juec |
| vulnerability_id |
VCID-1jfe-j1fz-juec |
| summary |
URL Redirection to Untrusted Site ('Open Redirect')
Anonymous Open Redirect in drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GMS-2018-54
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1jfe-j1fz-juec |
|
| 2 |
| url |
VCID-1unn-dn56-vufe |
| vulnerability_id |
VCID-1unn-dn56-vufe |
| summary |
File REST resource does not properly validate
The file REST resource does not properly validate some fields when manipulating files. the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.4 |
| purl |
pkg:composer/drupal/core@8.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 47 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 48 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 49 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 50 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 51 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 52 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 53 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 54 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 55 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 56 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 57 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 58 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4 |
|
|
| aliases |
CVE-2017-6921, GHSA-h377-287m-w2r9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1unn-dn56-vufe |
|
| 3 |
| url |
VCID-1xsh-7f63-v3df |
| vulnerability_id |
VCID-1xsh-7f63-v3df |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.14 |
| purl |
pkg:composer/drupal/core@8.9.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 13 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 14 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 15 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 20 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 21 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 22 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 23 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.14 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.0.12 |
| purl |
pkg:composer/drupal/core@9.0.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.12 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.1.7 |
| purl |
pkg:composer/drupal/core@9.1.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.7 |
|
|
| aliases |
CVE-2020-13672, GHSA-3m36-mjwj-352c
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1xsh-7f63-v3df |
|
| 4 |
| url |
VCID-2bnn-1wmq-ckdd |
| vulnerability_id |
VCID-2bnn-1wmq-ckdd |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.3 |
| purl |
pkg:composer/drupal/core@8.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 28 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 29 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 30 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 31 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 32 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 33 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 34 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 35 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 36 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 37 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 38 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 39 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 40 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 41 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 42 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 43 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 44 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 45 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 46 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 47 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 48 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 49 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 50 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 51 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 52 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 53 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 54 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 55 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 56 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 57 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 58 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 59 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 60 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 61 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 62 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 63 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 64 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 65 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 66 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 67 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3 |
|
|
| aliases |
CVE-2016-9449, GHSA-p745-347h-hjfw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2bnn-1wmq-ckdd |
|
| 5 |
| url |
VCID-3x3y-uf5e-m7hw |
| vulnerability_id |
VCID-3x3y-uf5e-m7hw |
| summary |
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.7.11 |
| purl |
pkg:composer/drupal/core@8.7.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 3 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 4 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 19 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 20 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 21 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 22 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 23 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 24 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 25 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 26 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 27 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 28 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 29 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 30 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.8.1 |
| purl |
pkg:composer/drupal/core@8.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4gsc-v4nm-nke8 |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 7 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 8 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 9 |
| vulnerability |
VCID-8a7d-mfrd-myeq |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bxh1-7fvj-zybm |
|
| 13 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 14 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 18 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 19 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 23 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 24 |
| vulnerability |
VCID-jq2w-q55u-8bbq |
|
| 25 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 26 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 29 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 33 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 34 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 35 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 36 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 37 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 38 |
| vulnerability |
VCID-u6ud-1gef-1qbn |
|
| 39 |
| vulnerability |
VCID-vbkh-vghp-qqht |
|
| 40 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 41 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.1 |
|
|
| aliases |
GHSA-98h9-727m-44qv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3x3y-uf5e-m7hw |
|
| 6 |
| url |
VCID-49e1-axzk-3bdq |
| vulnerability_id |
VCID-49e1-axzk-3bdq |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.19 |
| purl |
pkg:composer/drupal/core@8.9.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.1.13 |
| purl |
pkg:composer/drupal/core@9.1.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.2.6 |
| purl |
pkg:composer/drupal/core@9.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-ksza-1wkb-hug6 |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 20 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 22 |
| vulnerability |
VCID-zye6-b5h4-kqch |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6 |
|
|
| aliases |
CVE-2020-13674, GHSA-j586-cj67-vg4p
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-49e1-axzk-3bdq |
|
| 7 |
| url |
VCID-4p5n-ujzt-qfdx |
| vulnerability_id |
VCID-4p5n-ujzt-qfdx |
| summary |
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.8.10 |
| purl |
pkg:composer/drupal/core@8.8.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.10 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.9.6 |
| purl |
pkg:composer/drupal/core@8.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 29 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.6 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.6 |
| purl |
pkg:composer/drupal/core@9.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 19 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 20 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.6 |
|
|
| aliases |
CVE-2020-13669, GHSA-c533-c843-67h8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4p5n-ujzt-qfdx |
|
| 8 |
| url |
VCID-4un9-k6n8-nffu |
| vulnerability_id |
VCID-4un9-k6n8-nffu |
| summary |
Access Bypass
This is a critical access bypass vulnerability in Drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.8 |
| purl |
pkg:composer/drupal/core@8.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 8 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 9 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 10 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 11 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 12 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 13 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 14 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 15 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 16 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 17 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 18 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 19 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 20 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 21 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 22 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 23 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 24 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 25 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 26 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 27 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 28 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 29 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 30 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 31 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 32 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 33 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 34 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 35 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 36 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 37 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 38 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 39 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 40 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 41 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 42 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 43 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 44 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 45 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 46 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 47 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 48 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 49 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 50 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 51 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 52 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 53 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 54 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 55 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 56 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 57 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 58 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 59 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 60 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 61 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 62 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 63 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.3.1 |
| purl |
pkg:composer/drupal/core@8.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 8 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 9 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 10 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 11 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 12 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 13 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 14 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 15 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 16 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 17 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 18 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 19 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 20 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 21 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 22 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 23 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 24 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 25 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 26 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 27 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 28 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 29 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 30 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 31 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 32 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 33 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 34 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 35 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 36 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 37 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 38 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 39 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 40 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 41 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 42 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 43 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 44 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 45 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 46 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 47 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 48 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 49 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 50 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 51 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 52 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 53 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 54 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 55 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 56 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 57 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 58 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 59 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 60 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 61 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.1 |
|
|
| aliases |
CVE-2017-6919, GHSA-6hpj-9xj7-2jxx
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4un9-k6n8-nffu |
|
| 9 |
| url |
VCID-51ze-a1zm-ukey |
| vulnerability_id |
VCID-51ze-a1zm-ukey |
| summary |
XSS Vulnerability
CKEditor, a third-party JavaScript library included in Drupal core, is affected by a cross-site scripting (XSS) vulnerability. It's possible to execute XSS inside CKEditor when using the `image2` plugin. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.7 |
| purl |
pkg:composer/drupal/core@8.4.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 13 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 14 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 15 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 18 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 19 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 20 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 21 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 22 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 23 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 24 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 25 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 26 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 27 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 28 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 29 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 30 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 31 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 32 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 33 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 34 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 35 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 36 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 37 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 38 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 39 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 40 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 41 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 42 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 43 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 44 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 45 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 46 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 47 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.7 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.5.2 |
| purl |
pkg:composer/drupal/core@8.5.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 23 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 24 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 25 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 26 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 27 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 28 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 29 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 30 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 31 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 32 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 33 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 34 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 35 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 36 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 37 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 38 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 39 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 40 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 41 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 42 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 43 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 44 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 45 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 46 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 47 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 48 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 49 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.2 |
|
|
| aliases |
SA-CORE-2018-003
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-51ze-a1zm-ukey |
|
| 10 |
| url |
VCID-5821-1xss-8fdu |
| vulnerability_id |
VCID-5821-1xss-8fdu |
| summary |
Improper access control
In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However, some contributed modules provide additional file systems, or schemes, which may lead to this vulnerability. This vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9) $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7) $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing files or image styles after updating. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.drupal.org/sa-core-2022-012 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-03T18:45:46Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2022-012 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.3.19 |
| purl |
pkg:composer/drupal/core@9.3.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.4.3 |
| purl |
pkg:composer/drupal/core@9.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.4.3 |
|
|
| aliases |
CVE-2022-25275, GHSA-xh3v-6f9j-wxw3, GMS-2022-3362
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5821-1xss-8fdu |
|
| 11 |
|
| 12 |
| url |
VCID-5txj-xsnq-ducf |
| vulnerability_id |
VCID-5txj-xsnq-ducf |
| summary |
Cross-site Scripting
In Symfony, validation messages are not escaped, which can lead to XSS when user input is included. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.15 |
| purl |
pkg:composer/drupal/core@8.5.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 2 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 12 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 13 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 14 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 15 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 16 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 17 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 18 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 19 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 20 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 21 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 22 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 23 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 24 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 25 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 26 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 27 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 28 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 29 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 30 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 31 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.15 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.15 |
| purl |
pkg:composer/drupal/core@8.6.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 2 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 12 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 13 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 14 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 15 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 16 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 17 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 18 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 19 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 20 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 21 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 22 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 23 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 24 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 25 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 26 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 27 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 28 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 29 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 30 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 31 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.15 |
|
|
| aliases |
CVE-2019-10909, GHSA-g996-q5r8-w7g2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5txj-xsnq-ducf |
|
| 13 |
| url |
VCID-757r-nv73-gfhg |
| vulnerability_id |
VCID-757r-nv73-gfhg |
| summary |
Code Injection
Injection in `DefaultMailSystem::mail()`. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GMS-2018-55
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-nv73-gfhg |
|
| 14 |
| url |
VCID-7kzf-7csh-wkds |
| vulnerability_id |
VCID-7kzf-7csh-wkds |
| summary |
Improper Privilege Management
When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. This issue only affects sites that have the RESTful Web Services (rest) module enabled, the comment entity REST resource enabled, and where an attacker can access a user account on the site with permissions to post comments, or where anonymous users can post comments. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.0 |
| purl |
pkg:composer/drupal/core@8.3.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 14 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 15 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 16 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 17 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 18 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 19 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 20 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 21 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 22 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 23 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 24 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 25 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 26 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 27 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 28 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 29 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 30 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 31 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 32 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 33 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 34 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 35 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 36 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 37 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 38 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 39 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 40 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 41 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 42 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 43 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 44 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 45 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 46 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 47 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 48 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 49 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 50 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 51 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 52 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 53 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 54 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 55 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 56 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 57 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 58 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 59 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 60 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 61 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 62 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.0 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.3.7 |
| purl |
pkg:composer/drupal/core@8.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 47 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 48 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 49 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 50 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 51 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 52 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 53 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 54 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 55 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 56 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 57 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.7 |
|
|
| aliases |
CVE-2017-6924, GHSA-p8g6-5mg7-9r5q
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7kzf-7csh-wkds |
|
| 15 |
| url |
VCID-7qhc-n6hc-ukbu |
| vulnerability_id |
VCID-7qhc-n6hc-ukbu |
| summary |
Moderately critical - Third-party libraries - SA-CORE-2019-007
The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.16 |
| purl |
pkg:composer/drupal/core@8.6.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 2 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 11 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 12 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 18 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 19 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 20 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 21 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 22 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 23 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 24 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 25 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 26 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 27 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 28 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 29 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 30 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.16 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.7.1 |
| purl |
pkg:composer/drupal/core@8.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 2 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 10 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 11 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 12 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 13 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 14 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 15 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 16 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 17 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 18 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 19 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 20 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 21 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 22 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 23 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 24 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 25 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 26 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 27 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 28 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 29 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 30 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 31 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 32 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 33 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 34 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.1 |
|
|
| aliases |
CVE-2019-11831, GHSA-xv7v-rf6g-xwrc
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7qhc-n6hc-ukbu |
|
| 16 |
| url |
VCID-9ju9-nhf2-wfbe |
| vulnerability_id |
VCID-9ju9-nhf2-wfbe |
| summary |
Drupal core Denial of Service vulnerability
The Comment module allows users to reply to comments. In certain cases, an attacker could make comment reply requests that would trigger a denial of service (DOS).
Sites that do not use the Comment module are not affected. |
| references |
|
| fixed_packages |
|
| aliases |
GHSA-6ccv-8fgf-cjpw, GMS-2024-214
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ju9-nhf2-wfbe |
|
| 17 |
| url |
VCID-9ux4-434v-jbb9 |
| vulnerability_id |
VCID-9ux4-434v-jbb9 |
| summary |
Cross-site Scripting
XSS vulnerabiltiy in drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.7 |
| purl |
pkg:composer/drupal/core@8.4.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 13 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 14 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 15 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 18 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 19 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 20 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 21 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 22 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 23 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 24 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 25 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 26 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 27 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 28 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 29 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 30 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 31 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 32 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 33 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 34 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 35 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 36 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 37 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 38 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 39 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 40 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 41 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 42 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 43 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 44 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 45 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 46 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 47 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.7 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.5.0-alpha1 |
| purl |
pkg:composer/drupal/core@8.5.0-alpha1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 23 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 24 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 25 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 26 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 27 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 28 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 29 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 30 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 31 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 32 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 33 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 34 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 35 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 36 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 37 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 38 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 39 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 40 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 41 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 42 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 43 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 44 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 45 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 46 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 47 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.0-alpha1 |
|
| 2 |
| url |
pkg:composer/drupal/core@8.5.2 |
| purl |
pkg:composer/drupal/core@8.5.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 23 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 24 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 25 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 26 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 27 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 28 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 29 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 30 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 31 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 32 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 33 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 34 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 35 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 36 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 37 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 38 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 39 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 40 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 41 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 42 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 43 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 44 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 45 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 46 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 47 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 48 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 49 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.2 |
|
|
| aliases |
GMS-2018-51
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ux4-434v-jbb9 |
|
| 18 |
| url |
VCID-ardj-zyxg-9ued |
| vulnerability_id |
VCID-ardj-zyxg-9ued |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://greysec.net/showthread.php?tid=2912&pid=10561 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://greysec.net/showthread.php?tid=2912&pid=10561 |
|
| 5 |
| reference_url |
https://groups.drupal.org/security/faq-2018-002 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://groups.drupal.org/security/faq-2018-002 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://twitter.com/RicterZ/status/979567469726613504 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://twitter.com/RicterZ/status/979567469726613504 |
|
| 10 |
| reference_url |
https://twitter.com/RicterZ/status/984495201354854401 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://twitter.com/RicterZ/status/984495201354854401 |
|
| 11 |
|
| 12 |
| reference_url |
https://www.debian.org/security/2018/dsa-4156 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://www.debian.org/security/2018/dsa-4156 |
|
| 13 |
| reference_url |
https://www.drupal.org/sa-core-2018-002 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2018-002 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
| reference_url |
http://www.securityfocus.com/bid/103534 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
http://www.securityfocus.com/bid/103534 |
|
| 20 |
| reference_url |
http://www.securitytracker.com/id/1040598 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
http://www.securitytracker.com/id/1040598 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
| reference_url |
https://github.com/a2u/CVE-2018-7600 |
| reference_id |
CVE-2018-7600 |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://github.com/a2u/CVE-2018-7600 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
| reference_url |
https://github.com/g0rx/CVE-2018-7600-Drupal-RCE |
| reference_id |
CVE-2018-7600-DRUPAL-RCE |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/ |
|
|
| url |
https://github.com/g0rx/CVE-2018-7600-Drupal-RCE |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.9 |
| purl |
pkg:composer/drupal/core@8.3.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 23 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 24 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 25 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 26 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 27 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 28 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 29 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 30 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 31 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 32 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 33 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 34 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 35 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 36 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 37 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 38 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 39 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 40 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 41 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 42 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 43 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 44 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 45 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 46 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 47 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 48 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 49 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.9 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.4.6 |
| purl |
pkg:composer/drupal/core@8.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 23 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 24 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 25 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 26 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 27 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 28 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 29 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 30 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 31 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 32 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 33 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 34 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 35 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 36 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 37 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 38 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 39 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 40 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 41 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 42 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 43 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 44 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 45 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 46 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 47 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 48 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 49 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.6 |
|
| 2 |
| url |
pkg:composer/drupal/core@8.5.1 |
| purl |
pkg:composer/drupal/core@8.5.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 15 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 16 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 17 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 18 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 19 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 20 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 21 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 22 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 23 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.1 |
|
|
| aliases |
CVE-2018-7600, GHSA-7fh9-933g-885p
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ardj-zyxg-9ued |
|
| 19 |
| url |
VCID-b2x6-54c3-jqa2 |
| vulnerability_id |
VCID-b2x6-54c3-jqa2 |
| summary |
Improper Input Validation
guzzlehttp/psr7 is a PSR-7 HTTP message library used in drupal. Versions prior to 1.8.4 and 2.1.1 is vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.drupal.org/sa-core-2022-006 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2022-006 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.2.16 |
| purl |
pkg:composer/drupal/core@9.2.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.16 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.3.0-alpha1 |
| purl |
pkg:composer/drupal/core@9.3.0-alpha1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 10 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 11 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 12 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 13 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 14 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 15 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 16 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 17 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.0-alpha1 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.3.9 |
| purl |
pkg:composer/drupal/core@9.3.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5jad-7hr3-eqh9 |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 14 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 15 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 16 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 17 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 18 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 19 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 20 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.9 |
|
| 3 |
|
|
| aliases |
CVE-2022-24775, GHSA-q7rv-6hp3-vh96
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b2x6-54c3-jqa2 |
|
| 20 |
| url |
VCID-bnw7-px2h-ubha |
| vulnerability_id |
VCID-bnw7-px2h-ubha |
| summary |
Drupal core Access bypass |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.7.11 |
| purl |
pkg:composer/drupal/core@8.7.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 3 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 4 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 19 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 20 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 21 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 22 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 23 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 24 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 25 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 26 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 27 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 28 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 29 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 30 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.8.1 |
| purl |
pkg:composer/drupal/core@8.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4gsc-v4nm-nke8 |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 7 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 8 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 9 |
| vulnerability |
VCID-8a7d-mfrd-myeq |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bxh1-7fvj-zybm |
|
| 13 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 14 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 18 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 19 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 23 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 24 |
| vulnerability |
VCID-jq2w-q55u-8bbq |
|
| 25 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 26 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 29 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 33 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 34 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 35 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 36 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 37 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 38 |
| vulnerability |
VCID-u6ud-1gef-1qbn |
|
| 39 |
| vulnerability |
VCID-vbkh-vghp-qqht |
|
| 40 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 41 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.1 |
|
|
| aliases |
GHSA-mh4h-27gq-cxwj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bnw7-px2h-ubha |
|
| 21 |
| url |
VCID-dhzk-3ek4-2uf8 |
| vulnerability_id |
VCID-dhzk-3ek4-2uf8 |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.3 |
| purl |
pkg:composer/drupal/core@8.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 28 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 29 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 30 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 31 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 32 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 33 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 34 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 35 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 36 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 37 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 38 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 39 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 40 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 41 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 42 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 43 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 44 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 45 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 46 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 47 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 48 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 49 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 50 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 51 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 52 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 53 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 54 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 55 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 56 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 57 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 58 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 59 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 60 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 61 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 62 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 63 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 64 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 65 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 66 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 67 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3 |
|
|
| aliases |
CVE-2016-9452, GHSA-jpj8-49hr-wcwv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dhzk-3ek4-2uf8 |
|
| 22 |
| url |
VCID-e8mp-5awh-eybz |
| vulnerability_id |
VCID-e8mp-5awh-eybz |
| summary |
Improper Access Control
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://www.drupal.org/sa-core-2022-013 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-03T18:39:47Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2022-013 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.3.19 |
| purl |
pkg:composer/drupal/core@9.3.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.4.3 |
| purl |
pkg:composer/drupal/core@9.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.4.3 |
|
|
| aliases |
CVE-2022-25278, GHSA-cfh2-7f6h-3m85
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e8mp-5awh-eybz |
|
| 23 |
| url |
VCID-ejt8-umuh-g7e7 |
| vulnerability_id |
VCID-ejt8-umuh-g7e7 |
| summary |
PECL YAML parser unsafe object handling
PECL YAML parser does not handle PHP objects safely during certain operations within Drupal core. This can lead to remote code execution. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.4 |
| purl |
pkg:composer/drupal/core@8.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 47 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 48 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 49 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 50 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 51 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 52 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 53 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 54 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 55 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 56 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 57 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 58 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4 |
|
|
| aliases |
CVE-2017-6920, GHSA-9c24-g32g-35rj
|
| risk_score |
0.3 |
| exploitability |
0.5 |
| weighted_severity |
0.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ejt8-umuh-g7e7 |
|
| 24 |
| url |
VCID-ezsv-96h9-x3ah |
| vulnerability_id |
VCID-ezsv-96h9-x3ah |
| summary |
Drupal External URL injection through URL aliases leading to Open Redirect |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.8 |
| purl |
pkg:composer/drupal/core@8.5.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 18 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 19 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 23 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 24 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 25 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 26 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 29 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 33 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 34 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 35 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 36 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 37 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 38 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 39 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 40 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 41 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 42 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 43 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GHSA-7f4f-p7mq-p4fv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ezsv-96h9-x3ah |
|
| 25 |
| url |
VCID-f687-ubdn-37en |
| vulnerability_id |
VCID-f687-ubdn-37en |
| summary |
Exposure of Resource to Wrong Sphere
Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.8.10 |
| purl |
pkg:composer/drupal/core@8.8.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.10 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.9.6 |
| purl |
pkg:composer/drupal/core@8.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 29 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.6 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.6 |
| purl |
pkg:composer/drupal/core@9.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 19 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 20 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.6 |
|
|
| aliases |
CVE-2020-13670, GHSA-mmjr-5q74-p3m4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f687-ubdn-37en |
|
| 26 |
| url |
VCID-fmc9-t9a1-5fcx |
| vulnerability_id |
VCID-fmc9-t9a1-5fcx |
| summary |
Drupal Anonymous Open Redirect |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.8 |
| purl |
pkg:composer/drupal/core@8.5.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 18 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 19 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 23 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 24 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 25 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 26 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 29 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 33 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 34 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 35 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 36 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 37 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 38 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 39 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 40 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 41 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 42 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 43 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GHSA-gfvf-2f25-f34r
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fmc9-t9a1-5fcx |
|
| 27 |
| url |
VCID-fx6n-du84-yya2 |
| vulnerability_id |
VCID-fx6n-du84-yya2 |
| summary |
Cross-site Scripting
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.0 |
| purl |
pkg:composer/drupal/core@8.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 47 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 48 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 49 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 50 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 51 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 52 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 53 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 54 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 55 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 56 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 57 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.0 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6929, GHSA-5vpr-v24w-mmjj
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fx6n-du84-yya2 |
|
| 28 |
| url |
VCID-fy43-ubmr-pfhu |
| vulnerability_id |
VCID-fy43-ubmr-pfhu |
| summary |
Drupal core Denial of Service |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.7.11 |
| purl |
pkg:composer/drupal/core@8.7.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 3 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 4 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 19 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 20 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 21 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 22 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 23 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 24 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 25 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 26 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 27 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 28 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 29 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 30 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.8.1 |
| purl |
pkg:composer/drupal/core@8.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4gsc-v4nm-nke8 |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 7 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 8 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 9 |
| vulnerability |
VCID-8a7d-mfrd-myeq |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bxh1-7fvj-zybm |
|
| 13 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 14 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 18 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 19 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 23 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 24 |
| vulnerability |
VCID-jq2w-q55u-8bbq |
|
| 25 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 26 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 29 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 33 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 34 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 35 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 36 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 37 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 38 |
| vulnerability |
VCID-u6ud-1gef-1qbn |
|
| 39 |
| vulnerability |
VCID-vbkh-vghp-qqht |
|
| 40 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 41 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.1 |
|
|
| aliases |
GHSA-pr99-c33p-fwf6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fy43-ubmr-pfhu |
|
| 29 |
| url |
VCID-g3u3-6dza-gkg7 |
| vulnerability_id |
VCID-g3u3-6dza-gkg7 |
| summary |
Remote code execution
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal. To be sure you aren’t vulnerable, you can remove the /vendor/phpunit directory from the site root of your production deployments. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.7 |
| purl |
pkg:composer/drupal/core@8.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 28 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 29 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 30 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 31 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 32 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 33 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 34 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 35 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 36 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 37 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 38 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 39 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 40 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 41 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 42 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 43 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 44 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 45 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 46 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 47 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 48 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 49 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 50 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 51 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 52 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 53 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 54 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 55 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 56 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 57 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 58 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 59 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 60 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 61 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 62 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 63 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 64 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7 |
|
|
| aliases |
CVE-2017-6381, GHSA-rhx9-3qf7-r3j7
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g3u3-6dza-gkg7 |
|
| 30 |
| url |
VCID-g6px-rqtp-vqev |
| vulnerability_id |
VCID-g6px-rqtp-vqev |
| summary |
Drupal core Arbitrary PHP code execution |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.8.12 |
| purl |
pkg:composer/drupal/core@8.8.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.12 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.9.10 |
| purl |
pkg:composer/drupal/core@8.9.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.10 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.9 |
| purl |
pkg:composer/drupal/core@9.0.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 14 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 15 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 16 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 17 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 18 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 19 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 20 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.9 |
|
|
| aliases |
GHSA-gxxj-g9v8-w28p
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g6px-rqtp-vqev |
|
| 31 |
| url |
VCID-gr7c-tbh9-ayh6 |
| vulnerability_id |
VCID-gr7c-tbh9-ayh6 |
| summary |
Drupal Content moderation Access bypass |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.8 |
| purl |
pkg:composer/drupal/core@8.5.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 18 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 19 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 23 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 24 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 25 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 26 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 29 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 33 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 34 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 35 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 36 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 37 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 38 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 39 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 40 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 41 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 42 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 43 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GHSA-f84q-mgj9-8jfc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gr7c-tbh9-ayh6 |
|
| 32 |
| url |
VCID-h93x-dbpr-q7cz |
| vulnerability_id |
VCID-h93x-dbpr-q7cz |
| summary |
Improper Input Validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://www.drupal.org/sa-core-2022-008 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-03T19:19:11Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2022-008 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.2.18 |
| purl |
pkg:composer/drupal/core@9.2.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.18 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.3.12 |
| purl |
pkg:composer/drupal/core@9.3.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.12 |
|
|
| aliases |
CVE-2022-25273, GHSA-g36h-4jr6-qmm9
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h93x-dbpr-q7cz |
|
| 33 |
| url |
VCID-hz2k-at38-wbeb |
| vulnerability_id |
VCID-hz2k-at38-wbeb |
| summary |
Missing Authorization
When creating a view, you can optionally use Ajax to update the displayed data via filter parameters. The views subsystem/module did not restrict access to the Ajax endpoint to only views configured to use Ajax. This is mitigated if you have access restrictions on the view. It is best practice to always include some form of access restrictions on all views, even if you are using another module to display them. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.0 |
| purl |
pkg:composer/drupal/core@8.3.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 14 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 15 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 16 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 17 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 18 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 19 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 20 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 21 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 22 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 23 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 24 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 25 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 26 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 27 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 28 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 29 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 30 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 31 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 32 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 33 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 34 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 35 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 36 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 37 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 38 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 39 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 40 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 41 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 42 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 43 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 44 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 45 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 46 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 47 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 48 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 49 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 50 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 51 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 52 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 53 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 54 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 55 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 56 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 57 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 58 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 59 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 60 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 61 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 62 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.0 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.3.7 |
| purl |
pkg:composer/drupal/core@8.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 47 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 48 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 49 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 50 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 51 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 52 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 53 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 54 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 55 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 56 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 57 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.7 |
|
|
| aliases |
CVE-2017-6923, GHSA-v3f6-f29f-rgvp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hz2k-at38-wbeb |
|
| 34 |
| url |
VCID-j1yc-pqhw-pbh1 |
| vulnerability_id |
VCID-j1yc-pqhw-pbh1 |
| summary |
Files uploaded by anonymous users accessed by other users
Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core does not provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.4 |
| purl |
pkg:composer/drupal/core@8.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 47 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 48 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 49 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 50 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 51 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 52 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 53 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 54 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 55 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 56 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 57 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 58 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4 |
|
|
| aliases |
CVE-2017-6922, GHSA-58f3-cx8p-h8jg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j1yc-pqhw-pbh1 |
|
| 35 |
| url |
VCID-j2g3-u36y-nqdv |
| vulnerability_id |
VCID-j2g3-u36y-nqdv |
| summary |
Lack of domain validation in Druple core
The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. Under certain circumstances, this could lead to cross-site scripting, leaked cookies, or other vulnerabilities. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.3.19 |
| purl |
pkg:composer/drupal/core@9.3.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.4.3 |
| purl |
pkg:composer/drupal/core@9.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.4.3 |
|
|
| aliases |
CVE-2022-25276, GHSA-4wfq-jc9h-vpcx
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j2g3-u36y-nqdv |
|
| 36 |
| url |
VCID-j4r9-8g22-vydm |
| vulnerability_id |
VCID-j4r9-8g22-vydm |
| summary |
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.8 |
| purl |
pkg:composer/drupal/core@8.5.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 18 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 19 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 23 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 24 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 25 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 26 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 29 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 33 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 34 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 35 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 36 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 37 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 38 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 39 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 40 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 41 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 42 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 43 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GHSA-7v68-3pr5-h3cr
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j4r9-8g22-vydm |
|
| 37 |
| url |
VCID-j545-f44v-w3cn |
| vulnerability_id |
VCID-j545-f44v-w3cn |
| summary |
Improper Input Validation
A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted `phar://` URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.9 |
| purl |
pkg:composer/drupal/core@8.5.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.9 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.6 |
| purl |
pkg:composer/drupal/core@8.6.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 21 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 22 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 23 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 24 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 25 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 26 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 27 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 28 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 29 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 30 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 31 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 32 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 33 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 34 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 35 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 36 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.6 |
|
|
| aliases |
CVE-2019-6339, GHSA-8cw5-rv98-5c46
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j545-f44v-w3cn |
|
| 38 |
| url |
VCID-j59x-5swn-fuga |
| vulnerability_id |
VCID-j59x-5swn-fuga |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.19 |
| purl |
pkg:composer/drupal/core@8.9.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.1.13 |
| purl |
pkg:composer/drupal/core@9.1.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.2.6 |
| purl |
pkg:composer/drupal/core@9.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-ksza-1wkb-hug6 |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 20 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 22 |
| vulnerability |
VCID-zye6-b5h4-kqch |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6 |
|
|
| aliases |
CVE-2020-13677, GHSA-3xr3-phjp-g6p2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j59x-5swn-fuga |
|
| 39 |
| url |
VCID-j7zf-w99n-nfcf |
| vulnerability_id |
VCID-j7zf-w99n-nfcf |
| summary |
Comment reply form allows access to restricted content
Users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6926, GHSA-2p28-5mvp-2j2r
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j7zf-w99n-nfcf |
|
| 40 |
| url |
VCID-jgec-wuca-bbf1 |
| vulnerability_id |
VCID-jgec-wuca-bbf1 |
| summary |
Drupal core Unrestricted Upload of File with Dangerous Type
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://www.drupal.org/sa-core-2020-012 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Attend |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:31Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2020-012 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.8.11 |
| purl |
pkg:composer/drupal/core@8.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 19 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 20 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 21 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 22 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 23 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 24 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 25 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 26 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 27 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.9.9 |
| purl |
pkg:composer/drupal/core@8.9.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 19 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 20 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 21 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 22 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 23 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 24 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 25 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 26 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 27 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 28 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.9 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.8 |
| purl |
pkg:composer/drupal/core@9.0.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 16 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 21 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 22 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 23 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 24 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.8 |
|
|
| aliases |
CVE-2020-13671, GHSA-68jc-v27h-vhmw
|
| risk_score |
null |
| exploitability |
2.0 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jgec-wuca-bbf1 |
|
| 41 |
| url |
VCID-jyzy-3fjs-b3fs |
| vulnerability_id |
VCID-jyzy-3fjs-b3fs |
| summary |
Access Bypass
When adding a private file via the editor in Drupal, the editor will not correctly check access for the file being attached, resulting in an access bypass. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.7 |
| purl |
pkg:composer/drupal/core@8.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 28 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 29 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 30 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 31 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 32 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 33 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 34 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 35 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 36 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 37 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 38 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 39 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 40 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 41 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 42 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 43 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 44 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 45 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 46 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 47 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 48 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 49 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 50 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 51 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 52 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 53 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 54 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 55 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 56 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 57 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 58 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 59 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 60 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 61 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 62 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 63 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 64 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7 |
|
|
| aliases |
CVE-2017-6377, GHSA-w7qx-vwr9-2j3r
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jyzy-3fjs-b3fs |
|
| 42 |
| url |
VCID-kd54-616n-wbcw |
| vulnerability_id |
VCID-kd54-616n-wbcw |
| summary |
Language fallback can be incorrect on multilingual sites with node access restrictions
When using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node. This can result in an access bypass vulnerability. This issue is mitigated by the fact that it only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records(). Note that the update will mark the node access tables as needing a rebuild, which will take a long time on sites with a large number of nodes. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6930, GHSA-3327-jr93-7hq3
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kd54-616n-wbcw |
|
| 43 |
| url |
VCID-ktfj-va32-2kbe |
| vulnerability_id |
VCID-ktfj-va32-2kbe |
| summary |
Drupal core unrestricted file upload |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.7.11 |
| purl |
pkg:composer/drupal/core@8.7.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 3 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 4 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 19 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 20 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 21 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 22 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 23 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 24 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 25 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 26 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 27 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 28 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 29 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 30 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.8.1 |
| purl |
pkg:composer/drupal/core@8.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4gsc-v4nm-nke8 |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 7 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 8 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 9 |
| vulnerability |
VCID-8a7d-mfrd-myeq |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bxh1-7fvj-zybm |
|
| 13 |
| vulnerability |
VCID-daa6-2qhc-3bhq |
|
| 14 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 18 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 19 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 23 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 24 |
| vulnerability |
VCID-jq2w-q55u-8bbq |
|
| 25 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 26 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 29 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 33 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 34 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 35 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 36 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 37 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 38 |
| vulnerability |
VCID-u6ud-1gef-1qbn |
|
| 39 |
| vulnerability |
VCID-vbkh-vghp-qqht |
|
| 40 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 41 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.1 |
|
|
| aliases |
GHSA-7gwj-7fhm-vw4w
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ktfj-va32-2kbe |
|
| 44 |
|
| 45 |
| url |
VCID-n6tq-72g7-afdg |
| vulnerability_id |
VCID-n6tq-72g7-afdg |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.8.10 |
| purl |
pkg:composer/drupal/core@8.8.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.10 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.9.6 |
| purl |
pkg:composer/drupal/core@8.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 16 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 17 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 18 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 29 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.6 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.6 |
| purl |
pkg:composer/drupal/core@9.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 12 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 13 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 14 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 15 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 19 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 20 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.6 |
|
|
| aliases |
CVE-2020-13668, GHSA-m6q5-wv4x-fv6h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n6tq-72g7-afdg |
|
| 46 |
| url |
VCID-nf7d-x5nj-d3dc |
| vulnerability_id |
VCID-nf7d-x5nj-d3dc |
| summary |
Drupal core uses a vulnerable Third-party library CKEditor |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.7.12 |
| purl |
pkg:composer/drupal/core@8.7.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 3 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 4 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 10 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 11 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 12 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 13 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 14 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 15 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 18 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 19 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 20 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 21 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 22 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 23 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 24 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 25 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 26 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 27 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 28 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.12 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.8.4 |
| purl |
pkg:composer/drupal/core@8.8.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-4gsc-v4nm-nke8 |
|
| 3 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 4 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 5 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 6 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 7 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 8 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 9 |
| vulnerability |
VCID-8a7d-mfrd-myeq |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bxh1-7fvj-zybm |
|
| 13 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 14 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 15 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-gaay-gs4k-5fba |
|
| 18 |
| vulnerability |
VCID-gvey-a924-8qhf |
|
| 19 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 20 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-jq2w-q55u-8bbq |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n2z8-yesj-9bea |
|
| 26 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 27 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 28 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 29 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-u6ud-1gef-1qbn |
|
| 37 |
| vulnerability |
VCID-vbkh-vghp-qqht |
|
| 38 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 39 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.8.4 |
|
|
| aliases |
GHSA-v273-j5hq-26xp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nf7d-x5nj-d3dc |
|
| 47 |
| url |
VCID-nfzm-eyht-kkb1 |
| vulnerability_id |
VCID-nfzm-eyht-kkb1 |
| summary |
Improper Access Control in drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GMS-2018-52
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nfzm-eyht-kkb1 |
|
| 48 |
| url |
VCID-ngmk-qxmz-gkdz |
| vulnerability_id |
VCID-ngmk-qxmz-gkdz |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.19 |
| purl |
pkg:composer/drupal/core@8.9.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.1.13 |
| purl |
pkg:composer/drupal/core@9.1.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.2.6 |
| purl |
pkg:composer/drupal/core@9.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-ksza-1wkb-hug6 |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 20 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 22 |
| vulnerability |
VCID-zye6-b5h4-kqch |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6 |
|
|
| aliases |
CVE-2020-13675, GHSA-v8wr-r69p-mmwx
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngmk-qxmz-gkdz |
|
| 49 |
| url |
VCID-nqz7-ej49-ckay |
| vulnerability_id |
VCID-nqz7-ej49-ckay |
| summary |
arbitrary command execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.debian.org/security/2018/dsa-4180 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/ |
|
|
| url |
https://www.debian.org/security/2018/dsa-4180 |
|
| 5 |
| reference_url |
https://www.drupal.org/sa-core-2018-004 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Act |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2018-004 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.8 |
| purl |
pkg:composer/drupal/core@8.4.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 13 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 14 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 15 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 18 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 19 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 20 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 21 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 22 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 23 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 24 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 25 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 26 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 27 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 28 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 29 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 30 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 31 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 32 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 33 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 34 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 35 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 36 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 37 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 38 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 39 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 40 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 41 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 42 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 43 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 44 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 45 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 46 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.5.3 |
| purl |
pkg:composer/drupal/core@8.5.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 23 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 24 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 25 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 26 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 27 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 28 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 29 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 30 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 31 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 32 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 33 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 34 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 35 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 36 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 37 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 38 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 39 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 40 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 41 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 42 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 43 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 44 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 45 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 46 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 47 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 48 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.3 |
|
|
| aliases |
CVE-2018-7602, GHSA-297x-j9pm-xjgg
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nqz7-ej49-ckay |
|
| 50 |
| url |
VCID-nszv-9z68-bqeu |
| vulnerability_id |
VCID-nszv-9z68-bqeu |
| summary |
Unprivileged access to "Administer comments"
Users who have rights to edit a node can set the visibility on comments for that node. This should be restricted to those who have the administer comments permission. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.1.10 |
| purl |
pkg:composer/drupal/core@8.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-2bnn-1wmq-ckdd |
|
| 5 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 6 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 7 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 8 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 9 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 10 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 11 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 12 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 13 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 14 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 15 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 16 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 17 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 18 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 19 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 20 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 21 |
| vulnerability |
VCID-dhzk-3ek4-2uf8 |
|
| 22 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 23 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 24 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 25 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 26 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 27 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 28 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 29 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 30 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 31 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 32 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 33 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 34 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 35 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 36 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 37 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 38 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 39 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 40 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 41 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 42 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 43 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 44 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 45 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 46 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 47 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 48 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 49 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 50 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 51 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 52 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 53 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 54 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 55 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 56 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 57 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 58 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 59 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 60 |
| vulnerability |
VCID-ta2u-bd9e-nfc7 |
|
| 61 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 62 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 63 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 64 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 65 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 66 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 67 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 68 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 69 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 70 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10 |
|
|
| aliases |
CVE-2016-7570, GHSA-6g9h-6v79-w4pc
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nszv-9z68-bqeu |
|
| 51 |
| url |
VCID-pbqh-x6zw-duhn |
| vulnerability_id |
VCID-pbqh-x6zw-duhn |
| summary |
Cross-site Scripting in HTTP exceptions
An attacker can create a specially crafted url, which can execute arbitrary code in the victim’s browser if loaded. Drupal is not properly sanitizing an exception. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.1.10 |
| purl |
pkg:composer/drupal/core@8.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-2bnn-1wmq-ckdd |
|
| 5 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 6 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 7 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 8 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 9 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 10 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 11 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 12 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 13 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 14 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 15 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 16 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 17 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 18 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 19 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 20 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 21 |
| vulnerability |
VCID-dhzk-3ek4-2uf8 |
|
| 22 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 23 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 24 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 25 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 26 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 27 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 28 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 29 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 30 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 31 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 32 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 33 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 34 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 35 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 36 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 37 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 38 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 39 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 40 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 41 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 42 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 43 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 44 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 45 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 46 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 47 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 48 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 49 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 50 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 51 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 52 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 53 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 54 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 55 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 56 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 57 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 58 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 59 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 60 |
| vulnerability |
VCID-ta2u-bd9e-nfc7 |
|
| 61 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 62 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 63 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 64 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 65 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 66 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 67 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 68 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 69 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 70 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10 |
|
|
| aliases |
CVE-2016-7571, GHSA-vhg8-x858-7wq6
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pbqh-x6zw-duhn |
|
| 52 |
| url |
VCID-phkw-q4nd-m7hh |
| vulnerability_id |
VCID-phkw-q4nd-m7hh |
| summary |
Unrestricted Upload of File with Dangerous Type
Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010). However, the protections for these two vulnerabilities previously does not work correctly together. As a result, if the site were configured to allow the upload of files with an htaccess extension, these files' filenames would not be properly sanitized. This could allow bypassing the protections provided by Drupal core's default .htaccess files and possible remote code execution on Apache web servers. This issue is mitigated by the fact that it requires a field administrator to explicitly configure a file field to allow htaccess as an extension (a restricted permission), or a contributed module or custom code that overrides allowed file uploads. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.drupal.org/sa-core-2022-014 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-03T18:41:13Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2022-014 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@9.3.19 |
| purl |
pkg:composer/drupal/core@9.3.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.3.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.4.3 |
| purl |
pkg:composer/drupal/core@9.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 1 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 2 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 3 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 4 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 5 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 6 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 7 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 8 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 9 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 10 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 11 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 12 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 13 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.4.3 |
|
|
| aliases |
CVE-2022-25277, GHSA-6955-67hm-vjjq, GMS-2022-3361
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-phkw-q4nd-m7hh |
|
| 53 |
| url |
VCID-pyjy-13mt-cyck |
| vulnerability_id |
VCID-pyjy-13mt-cyck |
| summary |
Drupal Core Remote Code Execution Vulnerability
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://www.drupal.org/sa-core-2019-003 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Attend |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2019-003 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.11 |
| purl |
pkg:composer/drupal/core@8.5.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 21 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 22 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 23 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 24 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 25 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 26 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 27 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 28 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 29 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 30 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 31 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 32 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 33 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 34 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 35 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.11 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.10 |
| purl |
pkg:composer/drupal/core@8.6.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 21 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 22 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 23 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 24 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 25 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 26 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 27 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 28 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 29 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 30 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 31 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 32 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 33 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 34 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 35 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.10 |
|
|
| aliases |
CVE-2019-6340, GHSA-3gx6-h57h-rm27
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pyjy-13mt-cyck |
|
| 54 |
|
| 55 |
| url |
VCID-qwwz-5n8j-9ben |
| vulnerability_id |
VCID-qwwz-5n8j-9ben |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/drupal/core |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
1.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/drupal/core |
|
| 3 |
|
| 4 |
| reference_url |
https://www.drupal.org/sa-core-2025-004 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
1.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:21:31Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2025-004 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-31675, GHSA-m4wj-hhwj-47qp
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qwwz-5n8j-9ben |
|
| 56 |
| url |
VCID-re2h-u5bk-wqbw |
| vulnerability_id |
VCID-re2h-u5bk-wqbw |
| summary |
URL Redirection to Untrusted Site ('Open Redirect')
External URL injection through URL aliases in drupal. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GMS-2018-53
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-re2h-u5bk-wqbw |
|
| 57 |
| url |
VCID-s6ek-bjnx-9fc1 |
| vulnerability_id |
VCID-s6ek-bjnx-9fc1 |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.19 |
| purl |
pkg:composer/drupal/core@8.9.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.19 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.1.13 |
| purl |
pkg:composer/drupal/core@9.1.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.13 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.2.6 |
| purl |
pkg:composer/drupal/core@9.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-ksza-1wkb-hug6 |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 20 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 22 |
| vulnerability |
VCID-zye6-b5h4-kqch |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.6 |
|
|
| aliases |
CVE-2020-13676, GHSA-qfhg-m6r8-xxpj
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s6ek-bjnx-9fc1 |
|
| 58 |
| url |
VCID-s8d1-k9q4-nkds |
| vulnerability_id |
VCID-s8d1-k9q4-nkds |
| summary |
Entity Access Bypass
In versions of Drupal 8 core ; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entities that do not use or do not have UUIDs, and entities that have different access restrictions on different revisions of the same entity. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.3.7 |
| purl |
pkg:composer/drupal/core@8.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 22 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 23 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 24 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 25 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 26 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 27 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 28 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 29 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 30 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 31 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 32 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 33 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 34 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 35 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 36 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 37 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 38 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 39 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 40 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 41 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 42 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 43 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 44 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 45 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 46 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 47 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 48 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 49 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 50 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 51 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 52 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 53 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 54 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 55 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 56 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 57 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.7 |
|
|
| aliases |
CVE-2017-6925, GHSA-f4qx-jqfq-7785
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s8d1-k9q4-nkds |
|
| 59 |
|
| 60 |
| url |
VCID-svhr-wt5d-xbbq |
| vulnerability_id |
VCID-svhr-wt5d-xbbq |
| summary |
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the Enhanced Image plugin for CKEditor. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.7 |
| purl |
pkg:composer/drupal/core@8.4.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 11 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 12 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 13 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 14 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 15 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 18 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 19 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 20 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 21 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 22 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 23 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 24 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 25 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 26 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 27 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 28 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 29 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 30 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 31 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 32 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 33 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 34 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 35 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 36 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 37 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 38 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 39 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 40 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 41 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 42 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 43 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 44 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 45 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 46 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 47 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.7 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.5.2 |
| purl |
pkg:composer/drupal/core@8.5.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 17 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 18 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 19 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 20 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 21 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 22 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 23 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 24 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 25 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 26 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 27 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 28 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 29 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 30 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 31 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 32 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 33 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 34 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 35 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 36 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 37 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 38 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 39 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 40 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 41 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 42 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 43 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 44 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 45 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 46 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 47 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 48 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 49 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.2 |
|
|
| aliases |
CVE-2018-9861, GHSA-g78h-pf65-46rv
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-svhr-wt5d-xbbq |
|
| 61 |
| url |
VCID-swh1-rvuw-jqfx |
| vulnerability_id |
VCID-swh1-rvuw-jqfx |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.10 |
| purl |
pkg:composer/drupal/core@8.9.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 2 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 3 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 4 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 5 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 6 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 7 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 23 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 24 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.10 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.0.0-alpha1 |
| purl |
pkg:composer/drupal/core@9.0.0-alpha1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 8 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 9 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 10 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 11 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 12 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 13 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 14 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 15 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 16 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 17 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 18 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.0-alpha1 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.0.9 |
| purl |
pkg:composer/drupal/core@9.0.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 14 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 15 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 16 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 17 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 18 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 19 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 20 |
| vulnerability |
VCID-ze3s-89wm-2kg2 |
|
| 21 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.0.9 |
|
| 3 |
| url |
pkg:composer/drupal/core@9.1.0-alpha1 |
| purl |
pkg:composer/drupal/core@9.1.0-alpha1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 1 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 2 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 3 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 4 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 5 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 6 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 7 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 13 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 14 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 15 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 16 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 17 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 18 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 19 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.0-alpha1 |
|
|
| aliases |
CVE-2020-28948, GHSA-jh5x-hfhg-78jq
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-swh1-rvuw-jqfx |
|
| 62 |
| url |
VCID-ta2u-bd9e-nfc7 |
| vulnerability_id |
VCID-ta2u-bd9e-nfc7 |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.3 |
| purl |
pkg:composer/drupal/core@8.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 28 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 29 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 30 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 31 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 32 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 33 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 34 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 35 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 36 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 37 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 38 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 39 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 40 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 41 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 42 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 43 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 44 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 45 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 46 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 47 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 48 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 49 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 50 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 51 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 52 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 53 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 54 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 55 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 56 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 57 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 58 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 59 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 60 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 61 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 62 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 63 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 64 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 65 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 66 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 67 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3 |
|
|
| aliases |
CVE-2016-9450, GHSA-98w5-wqp9-w466
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ta2u-bd9e-nfc7 |
|
| 63 |
| url |
VCID-tv1h-9yxp-ryap |
| vulnerability_id |
VCID-tv1h-9yxp-ryap |
| summary |
Cross Site Request Forgery
Some administrative paths did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.2.7 |
| purl |
pkg:composer/drupal/core@8.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 5 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 6 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 7 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 8 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 9 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 10 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 11 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 12 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 13 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 14 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 15 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 16 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 17 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 18 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 19 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 20 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 21 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 22 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 23 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 24 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 25 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 26 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 27 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 28 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 29 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 30 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 31 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 32 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 33 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 34 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 35 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 36 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 37 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 38 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 39 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 40 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 41 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 42 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 43 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 44 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 45 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 46 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 47 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 48 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 49 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 50 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 51 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 52 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 53 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 54 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 55 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 56 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 57 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 58 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 59 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 60 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 61 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 62 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 63 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 64 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7 |
|
|
| aliases |
CVE-2017-6379, GHSA-gxxq-fhc7-3jv9
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tv1h-9yxp-ryap |
|
| 64 |
| url |
VCID-txkf-hpah-r3hu |
| vulnerability_id |
VCID-txkf-hpah-r3hu |
| summary |
Drupal core Cross-Site Scripting (XSS) vulnerabilities |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.9.18 |
| purl |
pkg:composer/drupal/core@8.9.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 9 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 10 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 11 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 12 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 13 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 14 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 15 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 16 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 17 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 18 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 19 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 20 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 21 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 22 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.9.18 |
|
| 1 |
| url |
pkg:composer/drupal/core@9.1.12 |
| purl |
pkg:composer/drupal/core@9.1.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 8 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 9 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 10 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 11 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 12 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 13 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 14 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 15 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 16 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 17 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 18 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 19 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 20 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 21 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 22 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 23 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.1.12 |
|
| 2 |
| url |
pkg:composer/drupal/core@9.2.4 |
| purl |
pkg:composer/drupal/core@9.2.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 1 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 2 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 3 |
| vulnerability |
VCID-63my-dg24-t3dj |
|
| 4 |
| vulnerability |
VCID-78p4-h4nj-budj |
|
| 5 |
| vulnerability |
VCID-7d6n-s61h-z3gz |
|
| 6 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 7 |
| vulnerability |
VCID-9whb-yuuw-mfek |
|
| 8 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 9 |
| vulnerability |
VCID-c6xh-peyj-7baj |
|
| 10 |
| vulnerability |
VCID-ddmy-kcmb-s7g7 |
|
| 11 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 12 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 13 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 14 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 15 |
| vulnerability |
VCID-ksza-1wkb-hug6 |
|
| 16 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 17 |
| vulnerability |
VCID-nf33-22v1-r3fj |
|
| 18 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 19 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 20 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 21 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 22 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 23 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 24 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 25 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 26 |
| vulnerability |
VCID-zye6-b5h4-kqch |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@9.2.4 |
|
|
| aliases |
GHSA-vfgc-c76h-mwh4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-txkf-hpah-r3hu |
|
| 65 |
| url |
VCID-ty8g-qrbm-cuf3 |
| vulnerability_id |
VCID-ty8g-qrbm-cuf3 |
| summary |
Settings Tray access bypass
In Drupal, the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6931, GHSA-7ffh-cjvg-fpr4
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ty8g-qrbm-cuf3 |
|
| 66 |
| url |
VCID-unh6-xwtu-mkbt |
| vulnerability_id |
VCID-unh6-xwtu-mkbt |
| summary |
URL Redirection to Untrusted Site (Open Redirect)
Drupal core has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly navigating to an external site. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6932, GHSA-wm86-w3cf-h6vm
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-unh6-xwtu-mkbt |
|
| 67 |
| url |
VCID-v2h1-1cfd-muft |
| vulnerability_id |
VCID-v2h1-1cfd-muft |
| summary |
JavaScript cross-site scripting prevention is incomplete
Drupal has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output is not auto-escaped by either Drupal 7 or Drupal 8). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.4.5 |
| purl |
pkg:composer/drupal/core@8.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 7 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 8 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 9 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 10 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 14 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 15 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 16 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 17 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 18 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 19 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 20 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 21 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 22 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 23 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 24 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 25 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 26 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 27 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 28 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 29 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 30 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 31 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 32 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 33 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 34 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 35 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 36 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 37 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 38 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 39 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 40 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 41 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 42 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 43 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 44 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 45 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 46 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 47 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 48 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 49 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 50 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 51 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5 |
|
|
| aliases |
CVE-2017-6927, GHSA-585j-5449-mf5m
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v2h1-1cfd-muft |
|
| 68 |
| url |
VCID-vby4-6r8z-6qgy |
| vulnerability_id |
VCID-vby4-6r8z-6qgy |
| summary |
Improper Access Control
In some conditions, content moderation fails to check a users access to use certain transitions, leading to an access bypass. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GMS-2018-56
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vby4-6r8z-6qgy |
|
| 69 |
| url |
VCID-w9xe-83yw-mbhy |
| vulnerability_id |
VCID-w9xe-83yw-mbhy |
| summary |
Unprivileged access to config export
The `system.temporary` route allows the download of a full config export. The full config export should be limited to those with "Export configuration" permission. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.1.10 |
| purl |
pkg:composer/drupal/core@8.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1unn-dn56-vufe |
|
| 3 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 4 |
| vulnerability |
VCID-2bnn-1wmq-ckdd |
|
| 5 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 6 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 7 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 8 |
| vulnerability |
VCID-4un9-k6n8-nffu |
|
| 9 |
| vulnerability |
VCID-51ze-a1zm-ukey |
|
| 10 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 11 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 12 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 13 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 14 |
| vulnerability |
VCID-7kzf-7csh-wkds |
|
| 15 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 16 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 17 |
| vulnerability |
VCID-9ux4-434v-jbb9 |
|
| 18 |
| vulnerability |
VCID-ardj-zyxg-9ued |
|
| 19 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 20 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 21 |
| vulnerability |
VCID-dhzk-3ek4-2uf8 |
|
| 22 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 23 |
| vulnerability |
VCID-ejt8-umuh-g7e7 |
|
| 24 |
| vulnerability |
VCID-ezsv-96h9-x3ah |
|
| 25 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 26 |
| vulnerability |
VCID-fmc9-t9a1-5fcx |
|
| 27 |
| vulnerability |
VCID-fx6n-du84-yya2 |
|
| 28 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 29 |
| vulnerability |
VCID-g3u3-6dza-gkg7 |
|
| 30 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 31 |
| vulnerability |
VCID-gr7c-tbh9-ayh6 |
|
| 32 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 33 |
| vulnerability |
VCID-hz2k-at38-wbeb |
|
| 34 |
| vulnerability |
VCID-j1yc-pqhw-pbh1 |
|
| 35 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 36 |
| vulnerability |
VCID-j4r9-8g22-vydm |
|
| 37 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 38 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 39 |
| vulnerability |
VCID-j7zf-w99n-nfcf |
|
| 40 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 41 |
| vulnerability |
VCID-jyzy-3fjs-b3fs |
|
| 42 |
| vulnerability |
VCID-kd54-616n-wbcw |
|
| 43 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 44 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 45 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 46 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 47 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 48 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 49 |
| vulnerability |
VCID-nqz7-ej49-ckay |
|
| 50 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 51 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 52 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 53 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 54 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 55 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 56 |
| vulnerability |
VCID-s8d1-k9q4-nkds |
|
| 57 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 58 |
| vulnerability |
VCID-svhr-wt5d-xbbq |
|
| 59 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 60 |
| vulnerability |
VCID-ta2u-bd9e-nfc7 |
|
| 61 |
| vulnerability |
VCID-tv1h-9yxp-ryap |
|
| 62 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 63 |
| vulnerability |
VCID-ty8g-qrbm-cuf3 |
|
| 64 |
| vulnerability |
VCID-unh6-xwtu-mkbt |
|
| 65 |
| vulnerability |
VCID-v2h1-1cfd-muft |
|
| 66 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 67 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 68 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 69 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
| 70 |
| vulnerability |
VCID-zw77-b3nt-gbag |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10 |
|
|
| aliases |
CVE-2016-7572, GHSA-fmqh-2j2x-vgp3
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w9xe-83yw-mbhy |
|
| 70 |
| url |
VCID-yb9a-1mp4-1kcz |
| vulnerability_id |
VCID-yb9a-1mp4-1kcz |
| summary |
|
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/drupal/core |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/drupal/core |
|
| 2 |
|
| 3 |
| reference_url |
https://www.drupal.org/sa-core-2025-002 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:47:04Z/ |
|
|
| url |
https://www.drupal.org/sa-core-2025-002 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-31673, GHSA-wpp8-fjgf-pwc7
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yb9a-1mp4-1kcz |
|
| 71 |
| url |
VCID-yy7m-f66v-fbhz |
| vulnerability_id |
VCID-yy7m-f66v-fbhz |
| summary |
Deserialization of Untrusted Data
Drupal core uses the third-party PEAR `Archive_Tar` library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.6.6 |
| purl |
pkg:composer/drupal/core@8.6.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 21 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 22 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 23 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 24 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 25 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 26 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 27 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 28 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 29 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 30 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 31 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 32 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 33 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 34 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 35 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 36 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.6 |
|
|
| aliases |
CVE-2019-6338, GHSA-6rmq-x2hv-vxpp
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yy7m-f66v-fbhz |
|
| 72 |
|
| 73 |
| url |
VCID-zw77-b3nt-gbag |
| vulnerability_id |
VCID-zw77-b3nt-gbag |
| summary |
Drupal core Remote Code Execution |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/drupal/core@8.5.8 |
| purl |
pkg:composer/drupal/core@8.5.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1jfe-j1fz-juec |
|
| 2 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 3 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 4 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 5 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 6 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 7 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 8 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 9 |
| vulnerability |
VCID-757r-nv73-gfhg |
|
| 10 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 11 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 12 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 13 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 14 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 15 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 16 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 17 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 18 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 19 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 20 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 21 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 22 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 23 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 24 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 25 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 26 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 27 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 28 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 29 |
| vulnerability |
VCID-nfzm-eyht-kkb1 |
|
| 30 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 31 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 32 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 33 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 34 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 35 |
| vulnerability |
VCID-re2h-u5bk-wqbw |
|
| 36 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 37 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 38 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 39 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 40 |
| vulnerability |
VCID-vby4-6r8z-6qgy |
|
| 41 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 42 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 43 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.8 |
|
| 1 |
| url |
pkg:composer/drupal/core@8.6.2 |
| purl |
pkg:composer/drupal/core@8.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-163u-tpj9-skc5 |
|
| 1 |
| vulnerability |
VCID-1xsh-7f63-v3df |
|
| 2 |
| vulnerability |
VCID-3x3y-uf5e-m7hw |
|
| 3 |
| vulnerability |
VCID-49e1-axzk-3bdq |
|
| 4 |
| vulnerability |
VCID-4p5n-ujzt-qfdx |
|
| 5 |
| vulnerability |
VCID-5821-1xss-8fdu |
|
| 6 |
| vulnerability |
VCID-5qvn-f9d3-kygg |
|
| 7 |
| vulnerability |
VCID-5txj-xsnq-ducf |
|
| 8 |
| vulnerability |
VCID-795n-caf2-fbcq |
|
| 9 |
| vulnerability |
VCID-7qhc-n6hc-ukbu |
|
| 10 |
| vulnerability |
VCID-9ju9-nhf2-wfbe |
|
| 11 |
| vulnerability |
VCID-b2x6-54c3-jqa2 |
|
| 12 |
| vulnerability |
VCID-bnw7-px2h-ubha |
|
| 13 |
| vulnerability |
VCID-e8mp-5awh-eybz |
|
| 14 |
| vulnerability |
VCID-f687-ubdn-37en |
|
| 15 |
| vulnerability |
VCID-fy43-ubmr-pfhu |
|
| 16 |
| vulnerability |
VCID-g6px-rqtp-vqev |
|
| 17 |
| vulnerability |
VCID-h6c2-e5qv-myg8 |
|
| 18 |
| vulnerability |
VCID-h93x-dbpr-q7cz |
|
| 19 |
| vulnerability |
VCID-j2g3-u36y-nqdv |
|
| 20 |
| vulnerability |
VCID-j545-f44v-w3cn |
|
| 21 |
| vulnerability |
VCID-j59x-5swn-fuga |
|
| 22 |
| vulnerability |
VCID-jgec-wuca-bbf1 |
|
| 23 |
| vulnerability |
VCID-ktfj-va32-2kbe |
|
| 24 |
| vulnerability |
VCID-mhcb-rdtq-sufx |
|
| 25 |
| vulnerability |
VCID-n6tq-72g7-afdg |
|
| 26 |
| vulnerability |
VCID-nf7d-x5nj-d3dc |
|
| 27 |
| vulnerability |
VCID-ngmk-qxmz-gkdz |
|
| 28 |
| vulnerability |
VCID-phkw-q4nd-m7hh |
|
| 29 |
| vulnerability |
VCID-pyjy-13mt-cyck |
|
| 30 |
| vulnerability |
VCID-pyqg-gfn8-vqag |
|
| 31 |
| vulnerability |
VCID-qwwz-5n8j-9ben |
|
| 32 |
| vulnerability |
VCID-s6ek-bjnx-9fc1 |
|
| 33 |
| vulnerability |
VCID-sbnt-qndd-xubz |
|
| 34 |
| vulnerability |
VCID-swh1-rvuw-jqfx |
|
| 35 |
| vulnerability |
VCID-txkf-hpah-r3hu |
|
| 36 |
| vulnerability |
VCID-yb9a-1mp4-1kcz |
|
| 37 |
| vulnerability |
VCID-yy7m-f66v-fbhz |
|
| 38 |
| vulnerability |
VCID-zhxf-bmyy-wff6 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.2 |
|
|
| aliases |
GHSA-6mgp-v5cm-ghg5
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zw77-b3nt-gbag |
|