Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/drupal/core@8.0.0-beta11
Typecomposer
Namespacedrupal
Namecore
Version8.0.0-beta11
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.9
Latest_non_vulnerable_version11.2.8
Affected_by_vulnerabilities
0
url VCID-3hf4-tvxn-zyh4
vulnerability_id VCID-3hf4-tvxn-zyh4
summary 
Files uploaded by anonymous users accessed by other users
Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core does not provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6922
reference_id
reference_type
scores
0
value 0.01788
scoring_system epss
scoring_elements 0.82674
published_at 2026-04-01T12:55:00Z
1
value 0.01788
scoring_system epss
scoring_elements 0.8274
published_at 2026-04-13T12:55:00Z
2
value 0.01788
scoring_system epss
scoring_elements 0.82744
published_at 2026-04-12T12:55:00Z
3
value 0.01788
scoring_system epss
scoring_elements 0.82749
published_at 2026-04-11T12:55:00Z
4
value 0.01788
scoring_system epss
scoring_elements 0.82732
published_at 2026-04-09T12:55:00Z
5
value 0.01788
scoring_system epss
scoring_elements 0.82726
published_at 2026-04-08T12:55:00Z
6
value 0.01788
scoring_system epss
scoring_elements 0.827
published_at 2026-04-07T12:55:00Z
7
value 0.01788
scoring_system epss
scoring_elements 0.82704
published_at 2026-04-04T12:55:00Z
8
value 0.01788
scoring_system epss
scoring_elements 0.8269
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6922
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6922
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6922
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6922.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6922.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6922.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6922.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6922
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6922
6
reference_url https://www.debian.org/security/2017/dsa-3897
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3897
7
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
8
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
9
reference_url http://www.securityfocus.com/bid/99219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99219
10
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
14
reference_url https://github.com/advisories/GHSA-58f3-cx8p-h8jg
reference_id GHSA-58f3-cx8p-h8jg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-58f3-cx8p-h8jg
fixed_packages
0
url pkg:composer/drupal/core@8.3.4
purl pkg:composer/drupal/core@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5kh7-v1uc-wfha
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-77zc-1gc8-r7b7
11
vulnerability VCID-7fs3-gwc7-nkes
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9ss3-mvt3-8bem
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-bkxp-gn34-67av
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-cuk6-hskr-yyau
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-dqf8-ea9f-yber
22
vulnerability VCID-ed6y-c9tz-mbds
23
vulnerability VCID-fm5k-u7s6-wfhb
24
vulnerability VCID-fwbj-ctxz-2bc6
25
vulnerability VCID-g1rp-twzp-63e1
26
vulnerability VCID-g33x-1paw-7udm
27
vulnerability VCID-ga35-289v-vqhr
28
vulnerability VCID-gzcu-sbks-wyfa
29
vulnerability VCID-hgb1-xrne-e7c8
30
vulnerability VCID-hwnd-nuv7-jqbh
31
vulnerability VCID-j21d-w3g7-cbcg
32
vulnerability VCID-jctf-yffu-hbag
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-jrb8-jnz4-83c8
35
vulnerability VCID-k1gx-nznx-7qd6
36
vulnerability VCID-kam1-84p4-qych
37
vulnerability VCID-kdnk-7mz5-7ugf
38
vulnerability VCID-mapb-hsvc-2khc
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-qvbt-7e55-4bg4
44
vulnerability VCID-rhj7-dy7q-jkhw
45
vulnerability VCID-rr4q-f5cv-nkah
46
vulnerability VCID-st6v-ch5g-r7h2
47
vulnerability VCID-syrg-ckq7-cbd6
48
vulnerability VCID-u1xx-aazv-bkg5
49
vulnerability VCID-u4w3-usvb-jyf6
50
vulnerability VCID-ummk-h11z-bkaj
51
vulnerability VCID-uqcw-p8g2-cfd2
52
vulnerability VCID-v9v6-ae3e-g3hk
53
vulnerability VCID-vevm-4sfk-f7gq
54
vulnerability VCID-vrdx-165p-efda
55
vulnerability VCID-w6cz-mg4v-3udj
56
vulnerability VCID-wabj-ty5p-pfd6
57
vulnerability VCID-wbuz-qcp3-43aq
58
vulnerability VCID-ww44-hb2y-mfd5
59
vulnerability VCID-wwvq-399y-rfhc
60
vulnerability VCID-wzgs-fr3u-cbdn
61
vulnerability VCID-x2as-f9fx-9kff
62
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4
aliases CVE-2017-6922, GHSA-58f3-cx8p-h8jg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hf4-tvxn-zyh4
1
url VCID-48ut-ykkc-83fx
vulnerability_id VCID-48ut-ykkc-83fx
summary 
Comment reply form allows access to restricted content
Users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments.
references
0
reference_url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6926
reference_id
reference_type
scores
url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6926
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6926
reference_id
reference_type
scores
0
value 0.00366
scoring_system epss
scoring_elements 0.58547
published_at 2026-04-13T12:55:00Z
1
value 0.00366
scoring_system epss
scoring_elements 0.58437
published_at 2026-04-01T12:55:00Z
2
value 0.00366
scoring_system epss
scoring_elements 0.58522
published_at 2026-04-02T12:55:00Z
3
value 0.00366
scoring_system epss
scoring_elements 0.58542
published_at 2026-04-04T12:55:00Z
4
value 0.00366
scoring_system epss
scoring_elements 0.58512
published_at 2026-04-07T12:55:00Z
5
value 0.00366
scoring_system epss
scoring_elements 0.58564
published_at 2026-04-08T12:55:00Z
6
value 0.00366
scoring_system epss
scoring_elements 0.58571
published_at 2026-04-09T12:55:00Z
7
value 0.00366
scoring_system epss
scoring_elements 0.58587
published_at 2026-04-11T12:55:00Z
8
value 0.00366
scoring_system epss
scoring_elements 0.58567
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6926
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6926.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6926.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6926.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6926.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6926
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6926
6
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
7
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
8
reference_url https://github.com/advisories/GHSA-2p28-5mvp-2j2r
reference_id GHSA-2p28-5mvp-2j2r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2p28-5mvp-2j2r
fixed_packages
0
url pkg:composer/drupal/core@8.4.5
purl pkg:composer/drupal/core@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5kh7-v1uc-wfha
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-77zc-1gc8-r7b7
10
vulnerability VCID-7fs3-gwc7-nkes
11
vulnerability VCID-9ss3-mvt3-8bem
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-bkxp-gn34-67av
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-dqf8-ea9f-yber
19
vulnerability VCID-ed6y-c9tz-mbds
20
vulnerability VCID-fwbj-ctxz-2bc6
21
vulnerability VCID-g33x-1paw-7udm
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hgb1-xrne-e7c8
25
vulnerability VCID-hwnd-nuv7-jqbh
26
vulnerability VCID-j21d-w3g7-cbcg
27
vulnerability VCID-jctf-yffu-hbag
28
vulnerability VCID-jrb8-jnz4-83c8
29
vulnerability VCID-k1gx-nznx-7qd6
30
vulnerability VCID-kam1-84p4-qych
31
vulnerability VCID-kdnk-7mz5-7ugf
32
vulnerability VCID-mapb-hsvc-2khc
33
vulnerability VCID-n119-gta2-kfg1
34
vulnerability VCID-n7un-zgqv-jfef
35
vulnerability VCID-nc36-atc6-yua6
36
vulnerability VCID-nd8n-5dsu-2fbp
37
vulnerability VCID-qvbt-7e55-4bg4
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-st6v-ch5g-r7h2
41
vulnerability VCID-syrg-ckq7-cbd6
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-ummk-h11z-bkaj
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-v9v6-ae3e-g3hk
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vrdx-165p-efda
49
vulnerability VCID-w6cz-mg4v-3udj
50
vulnerability VCID-wabj-ty5p-pfd6
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-wzgs-fr3u-cbdn
55
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5
aliases CVE-2017-6926, GHSA-2p28-5mvp-2j2r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48ut-ykkc-83fx
2
url VCID-4wwt-vt76-dbe1
vulnerability_id VCID-4wwt-vt76-dbe1
summary 
Cross-site Scripting in HTTP exceptions
An attacker can create a specially crafted url, which can execute arbitrary code in the victim’s browser if loaded. Drupal is not properly sanitizing an exception.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7571
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.6002
published_at 2026-04-02T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.60045
published_at 2026-04-04T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.59943
published_at 2026-04-01T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.60068
published_at 2026-04-13T12:55:00Z
4
value 0.0039
scoring_system epss
scoring_elements 0.60085
published_at 2026-04-12T12:55:00Z
5
value 0.0039
scoring_system epss
scoring_elements 0.601
published_at 2026-04-11T12:55:00Z
6
value 0.0039
scoring_system epss
scoring_elements 0.60079
published_at 2026-04-09T12:55:00Z
7
value 0.0039
scoring_system epss
scoring_elements 0.60065
published_at 2026-04-08T12:55:00Z
8
value 0.0039
scoring_system epss
scoring_elements 0.60015
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7571
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7571.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7571.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7571.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7571.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7571
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7571
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-vhg8-x858-7wq6
reference_id GHSA-vhg8-x858-7wq6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vhg8-x858-7wq6
fixed_packages
0
url pkg:composer/drupal/core@8.1.10
purl pkg:composer/drupal/core@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-sktb-khbq-cuaq
54
vulnerability VCID-st6v-ch5g-r7h2
55
vulnerability VCID-syrg-ckq7-cbd6
56
vulnerability VCID-u1xx-aazv-bkg5
57
vulnerability VCID-u4w3-usvb-jyf6
58
vulnerability VCID-ummk-h11z-bkaj
59
vulnerability VCID-uqcw-p8g2-cfd2
60
vulnerability VCID-v9v6-ae3e-g3hk
61
vulnerability VCID-vevm-4sfk-f7gq
62
vulnerability VCID-vrdx-165p-efda
63
vulnerability VCID-vy1y-zkf3-4ue4
64
vulnerability VCID-w6cz-mg4v-3udj
65
vulnerability VCID-wabj-ty5p-pfd6
66
vulnerability VCID-wbuz-qcp3-43aq
67
vulnerability VCID-ww44-hb2y-mfd5
68
vulnerability VCID-wwvq-399y-rfhc
69
vulnerability VCID-wzgs-fr3u-cbdn
70
vulnerability VCID-x2as-f9fx-9kff
71
vulnerability VCID-y74s-ghyc-2bhs
72
vulnerability VCID-yare-57j9-j7cs
73
vulnerability VCID-ymka-jfep-87gt
74
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10
aliases CVE-2016-7571, GHSA-vhg8-x858-7wq6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wwt-vt76-dbe1
3
url VCID-636u-5bdw-puh4
vulnerability_id VCID-636u-5bdw-puh4
summary 
Cross-site Scripting
In Symfony, validation messages are not escaped, which can lead to XSS when user input is included.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58747
published_at 2026-04-02T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58776
published_at 2026-04-13T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58814
published_at 2026-04-11T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58795
published_at 2026-04-12T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58788
published_at 2026-04-08T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58736
published_at 2026-04-07T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58768
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58663
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
12
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
13
reference_url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
14
reference_url https://www.drupal.org/sa-core-2019-005
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-005
15
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
17
reference_url https://symfony.com/cve-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10909
18
reference_url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
reference_id CVE-2019-10909-ESCAPE-VALIDATION-MESSAGES-IN-THE-PHP-TEMPLATING-ENGINE
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
19
reference_url https://github.com/advisories/GHSA-g996-q5r8-w7g2
reference_id GHSA-g996-q5r8-w7g2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g996-q5r8-w7g2
fixed_packages
0
url pkg:composer/drupal/core@8.5.15
purl pkg:composer/drupal/core@8.5.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-5kh7-v1uc-wfha
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-77zc-1gc8-r7b7
5
vulnerability VCID-7fs3-gwc7-nkes
6
vulnerability VCID-9ss3-mvt3-8bem
7
vulnerability VCID-bbzr-hbhv-yyee
8
vulnerability VCID-bkxp-gn34-67av
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-ed6y-c9tz-mbds
11
vulnerability VCID-fwbj-ctxz-2bc6
12
vulnerability VCID-g33x-1paw-7udm
13
vulnerability VCID-hgb1-xrne-e7c8
14
vulnerability VCID-hwnd-nuv7-jqbh
15
vulnerability VCID-j21d-w3g7-cbcg
16
vulnerability VCID-jctf-yffu-hbag
17
vulnerability VCID-jrb8-jnz4-83c8
18
vulnerability VCID-k1gx-nznx-7qd6
19
vulnerability VCID-kam1-84p4-qych
20
vulnerability VCID-mapb-hsvc-2khc
21
vulnerability VCID-n119-gta2-kfg1
22
vulnerability VCID-n7un-zgqv-jfef
23
vulnerability VCID-qvbt-7e55-4bg4
24
vulnerability VCID-st6v-ch5g-r7h2
25
vulnerability VCID-syrg-ckq7-cbd6
26
vulnerability VCID-u4w3-usvb-jyf6
27
vulnerability VCID-ummk-h11z-bkaj
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-v9v6-ae3e-g3hk
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vrdx-165p-efda
32
vulnerability VCID-w6cz-mg4v-3udj
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-ww44-hb2y-mfd5
35
vulnerability VCID-wzgs-fr3u-cbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.15
1
url pkg:composer/drupal/core@8.6.15
purl pkg:composer/drupal/core@8.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-5kh7-v1uc-wfha
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-77zc-1gc8-r7b7
5
vulnerability VCID-7fs3-gwc7-nkes
6
vulnerability VCID-9ss3-mvt3-8bem
7
vulnerability VCID-bbzr-hbhv-yyee
8
vulnerability VCID-bkxp-gn34-67av
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-ed6y-c9tz-mbds
11
vulnerability VCID-fwbj-ctxz-2bc6
12
vulnerability VCID-g33x-1paw-7udm
13
vulnerability VCID-hgb1-xrne-e7c8
14
vulnerability VCID-hwnd-nuv7-jqbh
15
vulnerability VCID-j21d-w3g7-cbcg
16
vulnerability VCID-jctf-yffu-hbag
17
vulnerability VCID-jrb8-jnz4-83c8
18
vulnerability VCID-k1gx-nznx-7qd6
19
vulnerability VCID-kam1-84p4-qych
20
vulnerability VCID-mapb-hsvc-2khc
21
vulnerability VCID-n119-gta2-kfg1
22
vulnerability VCID-n7un-zgqv-jfef
23
vulnerability VCID-qvbt-7e55-4bg4
24
vulnerability VCID-st6v-ch5g-r7h2
25
vulnerability VCID-syrg-ckq7-cbd6
26
vulnerability VCID-u4w3-usvb-jyf6
27
vulnerability VCID-ummk-h11z-bkaj
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-v9v6-ae3e-g3hk
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vrdx-165p-efda
32
vulnerability VCID-w6cz-mg4v-3udj
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-ww44-hb2y-mfd5
35
vulnerability VCID-wzgs-fr3u-cbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.6.15
aliases CVE-2019-10909, GHSA-g996-q5r8-w7g2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-636u-5bdw-puh4
4
url VCID-9f24-vqyt-r7dq
vulnerability_id VCID-9f24-vqyt-r7dq
summary 
Language fallback can be incorrect on multilingual sites with node access restrictions
When using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node. This can result in an access bypass vulnerability. This issue is mitigated by the fact that it only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records(). Note that the update will mark the node access tables as needing a rebuild, which will take a long time on sites with a large number of nodes.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6930
reference_id
reference_type
scores
0
value 0.00424
scoring_system epss
scoring_elements 0.6218
published_at 2026-04-13T12:55:00Z
1
value 0.00424
scoring_system epss
scoring_elements 0.62065
published_at 2026-04-01T12:55:00Z
2
value 0.00424
scoring_system epss
scoring_elements 0.62125
published_at 2026-04-02T12:55:00Z
3
value 0.00424
scoring_system epss
scoring_elements 0.62156
published_at 2026-04-04T12:55:00Z
4
value 0.00424
scoring_system epss
scoring_elements 0.62126
published_at 2026-04-07T12:55:00Z
5
value 0.00424
scoring_system epss
scoring_elements 0.62176
published_at 2026-04-08T12:55:00Z
6
value 0.00424
scoring_system epss
scoring_elements 0.62194
published_at 2026-04-09T12:55:00Z
7
value 0.00424
scoring_system epss
scoring_elements 0.62211
published_at 2026-04-11T12:55:00Z
8
value 0.00424
scoring_system epss
scoring_elements 0.62201
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6930
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6930.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6930.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6930.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6930.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6930
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6930
5
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
6
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
7
reference_url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6930
reference_id
reference_type
scores
url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6930
8
reference_url https://github.com/advisories/GHSA-3327-jr93-7hq3
reference_id GHSA-3327-jr93-7hq3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3327-jr93-7hq3
fixed_packages
0
url pkg:composer/drupal/core@8.4.5
purl pkg:composer/drupal/core@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5kh7-v1uc-wfha
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-77zc-1gc8-r7b7
10
vulnerability VCID-7fs3-gwc7-nkes
11
vulnerability VCID-9ss3-mvt3-8bem
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-bkxp-gn34-67av
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-dqf8-ea9f-yber
19
vulnerability VCID-ed6y-c9tz-mbds
20
vulnerability VCID-fwbj-ctxz-2bc6
21
vulnerability VCID-g33x-1paw-7udm
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hgb1-xrne-e7c8
25
vulnerability VCID-hwnd-nuv7-jqbh
26
vulnerability VCID-j21d-w3g7-cbcg
27
vulnerability VCID-jctf-yffu-hbag
28
vulnerability VCID-jrb8-jnz4-83c8
29
vulnerability VCID-k1gx-nznx-7qd6
30
vulnerability VCID-kam1-84p4-qych
31
vulnerability VCID-kdnk-7mz5-7ugf
32
vulnerability VCID-mapb-hsvc-2khc
33
vulnerability VCID-n119-gta2-kfg1
34
vulnerability VCID-n7un-zgqv-jfef
35
vulnerability VCID-nc36-atc6-yua6
36
vulnerability VCID-nd8n-5dsu-2fbp
37
vulnerability VCID-qvbt-7e55-4bg4
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-st6v-ch5g-r7h2
41
vulnerability VCID-syrg-ckq7-cbd6
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-ummk-h11z-bkaj
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-v9v6-ae3e-g3hk
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vrdx-165p-efda
49
vulnerability VCID-w6cz-mg4v-3udj
50
vulnerability VCID-wabj-ty5p-pfd6
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-wzgs-fr3u-cbdn
55
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5
aliases CVE-2017-6930, GHSA-3327-jr93-7hq3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9f24-vqyt-r7dq
5
url VCID-9wt5-xe6d-n3cb
vulnerability_id VCID-9wt5-xe6d-n3cb
summary 
Open redirect via path manipulation
Drupal might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on an error page, related to path manipulation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3164
reference_id
reference_type
scores
0
value 0.007
scoring_system epss
scoring_elements 0.71951
published_at 2026-04-01T12:55:00Z
1
value 0.007
scoring_system epss
scoring_elements 0.71998
published_at 2026-04-13T12:55:00Z
2
value 0.007
scoring_system epss
scoring_elements 0.72013
published_at 2026-04-12T12:55:00Z
3
value 0.007
scoring_system epss
scoring_elements 0.72029
published_at 2026-04-11T12:55:00Z
4
value 0.007
scoring_system epss
scoring_elements 0.72005
published_at 2026-04-09T12:55:00Z
5
value 0.007
scoring_system epss
scoring_elements 0.71993
published_at 2026-04-08T12:55:00Z
6
value 0.007
scoring_system epss
scoring_elements 0.71954
published_at 2026-04-07T12:55:00Z
7
value 0.007
scoring_system epss
scoring_elements 0.71978
published_at 2026-04-04T12:55:00Z
8
value 0.007
scoring_system epss
scoring_elements 0.71958
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3164
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3164.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3164.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3164.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3164.yaml
10
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
11
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
12
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
13
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
114
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
115
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
116
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
117
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
118
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
119
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
120
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
121
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
122
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
123
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
124
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
125
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
126
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
127
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
128
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
129
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
130
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
131
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
132
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
133
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
134
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
135
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
136
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
137
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
138
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
139
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
140
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
141
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
142
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
143
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
144
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
145
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
146
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
147
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
148
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
149
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
150
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
151
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
152
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
153
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
154
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
155
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
156
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
157
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3164
reference_id CVE-2016-3164
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3164
158
reference_url https://github.com/advisories/GHSA-836p-6p4j-35cg
reference_id GHSA-836p-6p4j-35cg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-836p-6p4j-35cg
fixed_packages
0
url pkg:composer/drupal/core@8.0.4
purl pkg:composer/drupal/core@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-3sr6-86jw-6fb9
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-565p-mgqe-gkfc
10
vulnerability VCID-5kh7-v1uc-wfha
11
vulnerability VCID-636u-5bdw-puh4
12
vulnerability VCID-6ck5-9e5b-w3ay
13
vulnerability VCID-6m8x-cfzp-tkf4
14
vulnerability VCID-77zc-1gc8-r7b7
15
vulnerability VCID-7fs3-gwc7-nkes
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9ss3-mvt3-8bem
18
vulnerability VCID-9vdz-1jpq-kue3
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-bkxp-gn34-67av
21
vulnerability VCID-c9dm-17vt-4bbc
22
vulnerability VCID-cucx-jfqf-pkd1
23
vulnerability VCID-cuk6-hskr-yyau
24
vulnerability VCID-d4qd-ut89-gbf4
25
vulnerability VCID-dgjq-y5zj-cud1
26
vulnerability VCID-dqf8-ea9f-yber
27
vulnerability VCID-ed6y-c9tz-mbds
28
vulnerability VCID-fm5k-u7s6-wfhb
29
vulnerability VCID-fwbj-ctxz-2bc6
30
vulnerability VCID-g1rp-twzp-63e1
31
vulnerability VCID-g33x-1paw-7udm
32
vulnerability VCID-ga35-289v-vqhr
33
vulnerability VCID-gzcu-sbks-wyfa
34
vulnerability VCID-hgb1-xrne-e7c8
35
vulnerability VCID-hpsp-5qtj-v7dq
36
vulnerability VCID-hwnd-nuv7-jqbh
37
vulnerability VCID-hzr8-ttbu-ebhg
38
vulnerability VCID-j21d-w3g7-cbcg
39
vulnerability VCID-jctf-yffu-hbag
40
vulnerability VCID-jnu7-1j9c-dqck
41
vulnerability VCID-jrb8-jnz4-83c8
42
vulnerability VCID-k1gx-nznx-7qd6
43
vulnerability VCID-kam1-84p4-qych
44
vulnerability VCID-kdnk-7mz5-7ugf
45
vulnerability VCID-krhy-kg1b-rfbk
46
vulnerability VCID-m1ur-bb9m-m7d5
47
vulnerability VCID-mapb-hsvc-2khc
48
vulnerability VCID-n119-gta2-kfg1
49
vulnerability VCID-n7un-zgqv-jfef
50
vulnerability VCID-nc36-atc6-yua6
51
vulnerability VCID-nd8n-5dsu-2fbp
52
vulnerability VCID-qvbt-7e55-4bg4
53
vulnerability VCID-rhj7-dy7q-jkhw
54
vulnerability VCID-rr4q-f5cv-nkah
55
vulnerability VCID-sktb-khbq-cuaq
56
vulnerability VCID-st6v-ch5g-r7h2
57
vulnerability VCID-syrg-ckq7-cbd6
58
vulnerability VCID-u1xx-aazv-bkg5
59
vulnerability VCID-u4w3-usvb-jyf6
60
vulnerability VCID-ummk-h11z-bkaj
61
vulnerability VCID-uqcw-p8g2-cfd2
62
vulnerability VCID-v9v6-ae3e-g3hk
63
vulnerability VCID-vevm-4sfk-f7gq
64
vulnerability VCID-vrdx-165p-efda
65
vulnerability VCID-vy1y-zkf3-4ue4
66
vulnerability VCID-w6cz-mg4v-3udj
67
vulnerability VCID-wabj-ty5p-pfd6
68
vulnerability VCID-wbuz-qcp3-43aq
69
vulnerability VCID-ww44-hb2y-mfd5
70
vulnerability VCID-wwvq-399y-rfhc
71
vulnerability VCID-wzgs-fr3u-cbdn
72
vulnerability VCID-x2as-f9fx-9kff
73
vulnerability VCID-y74s-ghyc-2bhs
74
vulnerability VCID-yare-57j9-j7cs
75
vulnerability VCID-ymka-jfep-87gt
76
vulnerability VCID-yrzt-3m97-53ce
77
vulnerability VCID-yty5-zn46-r3dj
78
vulnerability VCID-zawz-vky5-tkgt
79
vulnerability VCID-zvtp-4we3-qygx
80
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.4
aliases CVE-2016-3164, GHSA-836p-6p4j-35cg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wt5-xe6d-n3cb
6
url VCID-cuk6-hskr-yyau
vulnerability_id VCID-cuk6-hskr-yyau
summary 
Settings Tray access bypass
In Drupal, the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6931
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39534
published_at 2026-04-13T12:55:00Z
1
value 0.00179
scoring_system epss
scoring_elements 0.39406
published_at 2026-04-01T12:55:00Z
2
value 0.00179
scoring_system epss
scoring_elements 0.39568
published_at 2026-04-02T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.39592
published_at 2026-04-04T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39507
published_at 2026-04-07T12:55:00Z
5
value 0.00179
scoring_system epss
scoring_elements 0.39562
published_at 2026-04-08T12:55:00Z
6
value 0.00179
scoring_system epss
scoring_elements 0.39578
published_at 2026-04-09T12:55:00Z
7
value 0.00179
scoring_system epss
scoring_elements 0.39588
published_at 2026-04-11T12:55:00Z
8
value 0.00179
scoring_system epss
scoring_elements 0.3955
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6931
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6931
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6931
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6931.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6931.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6931.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6931.yaml
5
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
6
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6931
reference_id CVE-2017-6931
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6931
8
reference_url https://github.com/advisories/GHSA-7ffh-cjvg-fpr4
reference_id GHSA-7ffh-cjvg-fpr4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7ffh-cjvg-fpr4
fixed_packages
0
url pkg:composer/drupal/core@8.4.5
purl pkg:composer/drupal/core@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5kh7-v1uc-wfha
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-77zc-1gc8-r7b7
10
vulnerability VCID-7fs3-gwc7-nkes
11
vulnerability VCID-9ss3-mvt3-8bem
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-bkxp-gn34-67av
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-dqf8-ea9f-yber
19
vulnerability VCID-ed6y-c9tz-mbds
20
vulnerability VCID-fwbj-ctxz-2bc6
21
vulnerability VCID-g33x-1paw-7udm
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hgb1-xrne-e7c8
25
vulnerability VCID-hwnd-nuv7-jqbh
26
vulnerability VCID-j21d-w3g7-cbcg
27
vulnerability VCID-jctf-yffu-hbag
28
vulnerability VCID-jrb8-jnz4-83c8
29
vulnerability VCID-k1gx-nznx-7qd6
30
vulnerability VCID-kam1-84p4-qych
31
vulnerability VCID-kdnk-7mz5-7ugf
32
vulnerability VCID-mapb-hsvc-2khc
33
vulnerability VCID-n119-gta2-kfg1
34
vulnerability VCID-n7un-zgqv-jfef
35
vulnerability VCID-nc36-atc6-yua6
36
vulnerability VCID-nd8n-5dsu-2fbp
37
vulnerability VCID-qvbt-7e55-4bg4
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-st6v-ch5g-r7h2
41
vulnerability VCID-syrg-ckq7-cbd6
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-ummk-h11z-bkaj
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-v9v6-ae3e-g3hk
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vrdx-165p-efda
49
vulnerability VCID-w6cz-mg4v-3udj
50
vulnerability VCID-wabj-ty5p-pfd6
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-wzgs-fr3u-cbdn
55
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5
aliases CVE-2017-6931, GHSA-7ffh-cjvg-fpr4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cuk6-hskr-yyau
7
url VCID-d4qd-ut89-gbf4
vulnerability_id VCID-d4qd-ut89-gbf4
summary 
Remote code execution
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal. To be sure you aren’t vulnerable, you can remove the /vendor/phpunit directory from the site root of your production deployments.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6381
reference_id
reference_type
scores
0
value 0.03314
scoring_system epss
scoring_elements 0.87217
published_at 2026-04-02T12:55:00Z
1
value 0.03314
scoring_system epss
scoring_elements 0.87259
published_at 2026-04-13T12:55:00Z
2
value 0.03314
scoring_system epss
scoring_elements 0.87263
published_at 2026-04-12T12:55:00Z
3
value 0.03314
scoring_system epss
scoring_elements 0.87269
published_at 2026-04-11T12:55:00Z
4
value 0.03314
scoring_system epss
scoring_elements 0.87233
published_at 2026-04-04T12:55:00Z
5
value 0.03314
scoring_system epss
scoring_elements 0.87207
published_at 2026-04-01T12:55:00Z
6
value 0.03314
scoring_system epss
scoring_elements 0.87257
published_at 2026-04-09T12:55:00Z
7
value 0.03314
scoring_system epss
scoring_elements 0.8725
published_at 2026-04-08T12:55:00Z
8
value 0.03314
scoring_system epss
scoring_elements 0.8723
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6381
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6381.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6381.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6381.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6381.yaml
4
reference_url https://www.drupal.org/SA-2017-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-001
5
reference_url http://www.securityfocus.com/bid/96919
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96919
6
reference_url http://www.securitytracker.com/id/1038058
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038058
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6381
reference_id CVE-2017-6381
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6381
68
reference_url https://github.com/advisories/GHSA-rhx9-3qf7-r3j7
reference_id GHSA-rhx9-3qf7-r3j7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rhx9-3qf7-r3j7
fixed_packages
0
url pkg:composer/drupal/core@8.2.7
purl pkg:composer/drupal/core@8.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-dgjq-y5zj-cud1
23
vulnerability VCID-dqf8-ea9f-yber
24
vulnerability VCID-ed6y-c9tz-mbds
25
vulnerability VCID-fm5k-u7s6-wfhb
26
vulnerability VCID-fwbj-ctxz-2bc6
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-g33x-1paw-7udm
29
vulnerability VCID-ga35-289v-vqhr
30
vulnerability VCID-gzcu-sbks-wyfa
31
vulnerability VCID-hgb1-xrne-e7c8
32
vulnerability VCID-hwnd-nuv7-jqbh
33
vulnerability VCID-hzr8-ttbu-ebhg
34
vulnerability VCID-j21d-w3g7-cbcg
35
vulnerability VCID-jctf-yffu-hbag
36
vulnerability VCID-jnu7-1j9c-dqck
37
vulnerability VCID-jrb8-jnz4-83c8
38
vulnerability VCID-k1gx-nznx-7qd6
39
vulnerability VCID-kam1-84p4-qych
40
vulnerability VCID-kdnk-7mz5-7ugf
41
vulnerability VCID-krhy-kg1b-rfbk
42
vulnerability VCID-mapb-hsvc-2khc
43
vulnerability VCID-n119-gta2-kfg1
44
vulnerability VCID-n7un-zgqv-jfef
45
vulnerability VCID-nc36-atc6-yua6
46
vulnerability VCID-nd8n-5dsu-2fbp
47
vulnerability VCID-qvbt-7e55-4bg4
48
vulnerability VCID-rhj7-dy7q-jkhw
49
vulnerability VCID-rr4q-f5cv-nkah
50
vulnerability VCID-st6v-ch5g-r7h2
51
vulnerability VCID-syrg-ckq7-cbd6
52
vulnerability VCID-u1xx-aazv-bkg5
53
vulnerability VCID-u4w3-usvb-jyf6
54
vulnerability VCID-ummk-h11z-bkaj
55
vulnerability VCID-uqcw-p8g2-cfd2
56
vulnerability VCID-v9v6-ae3e-g3hk
57
vulnerability VCID-vevm-4sfk-f7gq
58
vulnerability VCID-vrdx-165p-efda
59
vulnerability VCID-w6cz-mg4v-3udj
60
vulnerability VCID-wabj-ty5p-pfd6
61
vulnerability VCID-wbuz-qcp3-43aq
62
vulnerability VCID-ww44-hb2y-mfd5
63
vulnerability VCID-wwvq-399y-rfhc
64
vulnerability VCID-wzgs-fr3u-cbdn
65
vulnerability VCID-x2as-f9fx-9kff
66
vulnerability VCID-y74s-ghyc-2bhs
67
vulnerability VCID-yare-57j9-j7cs
68
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7
aliases CVE-2017-6381, GHSA-rhx9-3qf7-r3j7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4qd-ut89-gbf4
8
url VCID-hpsp-5qtj-v7dq
vulnerability_id VCID-hpsp-5qtj-v7dq
summary 
Access Bypass
When adding a private file via the editor in Drupal, the editor will not correctly check access for the file being attached, resulting in an access bypass.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6377
reference_id
reference_type
scores
0
value 0.00288
scoring_system epss
scoring_elements 0.52172
published_at 2026-04-02T12:55:00Z
1
value 0.00288
scoring_system epss
scoring_elements 0.52234
published_at 2026-04-13T12:55:00Z
2
value 0.00288
scoring_system epss
scoring_elements 0.52248
published_at 2026-04-12T12:55:00Z
3
value 0.00288
scoring_system epss
scoring_elements 0.52264
published_at 2026-04-11T12:55:00Z
4
value 0.00288
scoring_system epss
scoring_elements 0.52213
published_at 2026-04-09T12:55:00Z
5
value 0.00288
scoring_system epss
scoring_elements 0.52217
published_at 2026-04-08T12:55:00Z
6
value 0.00288
scoring_system epss
scoring_elements 0.52164
published_at 2026-04-07T12:55:00Z
7
value 0.00288
scoring_system epss
scoring_elements 0.52199
published_at 2026-04-04T12:55:00Z
8
value 0.00288
scoring_system epss
scoring_elements 0.52129
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6377
1
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6377.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6377.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6377.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6377.yaml
4
reference_url https://www.drupal.org/SA-2017-001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-001
5
reference_url http://www.securityfocus.com/bid/96919
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96919
6
reference_url http://www.securitytracker.com/id/1038058
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038058
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6377
reference_id CVE-2017-6377
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6377
20
reference_url https://github.com/advisories/GHSA-w7qx-vwr9-2j3r
reference_id GHSA-w7qx-vwr9-2j3r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7qx-vwr9-2j3r
fixed_packages
0
url pkg:composer/drupal/core@8.2.7
purl pkg:composer/drupal/core@8.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-dgjq-y5zj-cud1
23
vulnerability VCID-dqf8-ea9f-yber
24
vulnerability VCID-ed6y-c9tz-mbds
25
vulnerability VCID-fm5k-u7s6-wfhb
26
vulnerability VCID-fwbj-ctxz-2bc6
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-g33x-1paw-7udm
29
vulnerability VCID-ga35-289v-vqhr
30
vulnerability VCID-gzcu-sbks-wyfa
31
vulnerability VCID-hgb1-xrne-e7c8
32
vulnerability VCID-hwnd-nuv7-jqbh
33
vulnerability VCID-hzr8-ttbu-ebhg
34
vulnerability VCID-j21d-w3g7-cbcg
35
vulnerability VCID-jctf-yffu-hbag
36
vulnerability VCID-jnu7-1j9c-dqck
37
vulnerability VCID-jrb8-jnz4-83c8
38
vulnerability VCID-k1gx-nznx-7qd6
39
vulnerability VCID-kam1-84p4-qych
40
vulnerability VCID-kdnk-7mz5-7ugf
41
vulnerability VCID-krhy-kg1b-rfbk
42
vulnerability VCID-mapb-hsvc-2khc
43
vulnerability VCID-n119-gta2-kfg1
44
vulnerability VCID-n7un-zgqv-jfef
45
vulnerability VCID-nc36-atc6-yua6
46
vulnerability VCID-nd8n-5dsu-2fbp
47
vulnerability VCID-qvbt-7e55-4bg4
48
vulnerability VCID-rhj7-dy7q-jkhw
49
vulnerability VCID-rr4q-f5cv-nkah
50
vulnerability VCID-st6v-ch5g-r7h2
51
vulnerability VCID-syrg-ckq7-cbd6
52
vulnerability VCID-u1xx-aazv-bkg5
53
vulnerability VCID-u4w3-usvb-jyf6
54
vulnerability VCID-ummk-h11z-bkaj
55
vulnerability VCID-uqcw-p8g2-cfd2
56
vulnerability VCID-v9v6-ae3e-g3hk
57
vulnerability VCID-vevm-4sfk-f7gq
58
vulnerability VCID-vrdx-165p-efda
59
vulnerability VCID-w6cz-mg4v-3udj
60
vulnerability VCID-wabj-ty5p-pfd6
61
vulnerability VCID-wbuz-qcp3-43aq
62
vulnerability VCID-ww44-hb2y-mfd5
63
vulnerability VCID-wwvq-399y-rfhc
64
vulnerability VCID-wzgs-fr3u-cbdn
65
vulnerability VCID-x2as-f9fx-9kff
66
vulnerability VCID-y74s-ghyc-2bhs
67
vulnerability VCID-yare-57j9-j7cs
68
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7
aliases CVE-2017-6377, GHSA-w7qx-vwr9-2j3r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpsp-5qtj-v7dq
9
url VCID-hzr8-ttbu-ebhg
vulnerability_id VCID-hzr8-ttbu-ebhg
summary 
PECL YAML parser unsafe object handling
PECL YAML parser does not handle PHP objects safely during certain operations within Drupal core. This can lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6920
reference_id
reference_type
scores
0
value 0.66148
scoring_system epss
scoring_elements 0.98509
published_at 2026-04-02T12:55:00Z
1
value 0.66148
scoring_system epss
scoring_elements 0.98518
published_at 2026-04-13T12:55:00Z
2
value 0.66148
scoring_system epss
scoring_elements 0.98516
published_at 2026-04-09T12:55:00Z
3
value 0.66148
scoring_system epss
scoring_elements 0.98515
published_at 2026-04-08T12:55:00Z
4
value 0.66148
scoring_system epss
scoring_elements 0.98512
published_at 2026-04-07T12:55:00Z
5
value 0.66148
scoring_system epss
scoring_elements 0.98511
published_at 2026-04-04T12:55:00Z
6
value 0.66148
scoring_system epss
scoring_elements 0.98507
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6920
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6920.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6920.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6920.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6920.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6920
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6920
5
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
6
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
7
reference_url http://www.securityfocus.com/bid/99211
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99211
8
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
9
reference_url https://github.com/advisories/GHSA-9c24-g32g-35rj
reference_id GHSA-9c24-g32g-35rj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9c24-g32g-35rj
fixed_packages
0
url pkg:composer/drupal/core@8.3.4
purl pkg:composer/drupal/core@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5kh7-v1uc-wfha
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-77zc-1gc8-r7b7
11
vulnerability VCID-7fs3-gwc7-nkes
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9ss3-mvt3-8bem
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-bkxp-gn34-67av
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-cuk6-hskr-yyau
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-dqf8-ea9f-yber
22
vulnerability VCID-ed6y-c9tz-mbds
23
vulnerability VCID-fm5k-u7s6-wfhb
24
vulnerability VCID-fwbj-ctxz-2bc6
25
vulnerability VCID-g1rp-twzp-63e1
26
vulnerability VCID-g33x-1paw-7udm
27
vulnerability VCID-ga35-289v-vqhr
28
vulnerability VCID-gzcu-sbks-wyfa
29
vulnerability VCID-hgb1-xrne-e7c8
30
vulnerability VCID-hwnd-nuv7-jqbh
31
vulnerability VCID-j21d-w3g7-cbcg
32
vulnerability VCID-jctf-yffu-hbag
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-jrb8-jnz4-83c8
35
vulnerability VCID-k1gx-nznx-7qd6
36
vulnerability VCID-kam1-84p4-qych
37
vulnerability VCID-kdnk-7mz5-7ugf
38
vulnerability VCID-mapb-hsvc-2khc
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-qvbt-7e55-4bg4
44
vulnerability VCID-rhj7-dy7q-jkhw
45
vulnerability VCID-rr4q-f5cv-nkah
46
vulnerability VCID-st6v-ch5g-r7h2
47
vulnerability VCID-syrg-ckq7-cbd6
48
vulnerability VCID-u1xx-aazv-bkg5
49
vulnerability VCID-u4w3-usvb-jyf6
50
vulnerability VCID-ummk-h11z-bkaj
51
vulnerability VCID-uqcw-p8g2-cfd2
52
vulnerability VCID-v9v6-ae3e-g3hk
53
vulnerability VCID-vevm-4sfk-f7gq
54
vulnerability VCID-vrdx-165p-efda
55
vulnerability VCID-w6cz-mg4v-3udj
56
vulnerability VCID-wabj-ty5p-pfd6
57
vulnerability VCID-wbuz-qcp3-43aq
58
vulnerability VCID-ww44-hb2y-mfd5
59
vulnerability VCID-wwvq-399y-rfhc
60
vulnerability VCID-wzgs-fr3u-cbdn
61
vulnerability VCID-x2as-f9fx-9kff
62
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4
aliases CVE-2017-6920, GHSA-9c24-g32g-35rj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzr8-ttbu-ebhg
10
url VCID-jnu7-1j9c-dqck
vulnerability_id VCID-jnu7-1j9c-dqck
summary 
JavaScript cross-site scripting prevention is incomplete
Drupal has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output is not auto-escaped by either Drupal 7 or Drupal 8). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6927
reference_id
reference_type
scores
0
value 0.0139
scoring_system epss
scoring_elements 0.80305
published_at 2026-04-02T12:55:00Z
1
value 0.0139
scoring_system epss
scoring_elements 0.80325
published_at 2026-04-04T12:55:00Z
2
value 0.0139
scoring_system epss
scoring_elements 0.80297
published_at 2026-04-01T12:55:00Z
3
value 0.0139
scoring_system epss
scoring_elements 0.8035
published_at 2026-04-13T12:55:00Z
4
value 0.0139
scoring_system epss
scoring_elements 0.80356
published_at 2026-04-12T12:55:00Z
5
value 0.0139
scoring_system epss
scoring_elements 0.80371
published_at 2026-04-11T12:55:00Z
6
value 0.0139
scoring_system epss
scoring_elements 0.80352
published_at 2026-04-09T12:55:00Z
7
value 0.0139
scoring_system epss
scoring_elements 0.80341
published_at 2026-04-08T12:55:00Z
8
value 0.0139
scoring_system epss
scoring_elements 0.80313
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6927
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
5
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6927.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6927.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6927.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6927.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6927
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6927
10
reference_url https://www.debian.org/security/2018/dsa-4123
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4123
11
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
12
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
13
reference_url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6927
reference_id
reference_type
scores
url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6927
14
reference_url http://www.securityfocus.com/bid/103138
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103138
15
reference_url https://github.com/advisories/GHSA-585j-5449-mf5m
reference_id GHSA-585j-5449-mf5m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-585j-5449-mf5m
fixed_packages
0
url pkg:composer/drupal/core@8.4.5
purl pkg:composer/drupal/core@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5kh7-v1uc-wfha
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-77zc-1gc8-r7b7
10
vulnerability VCID-7fs3-gwc7-nkes
11
vulnerability VCID-9ss3-mvt3-8bem
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-bkxp-gn34-67av
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-dqf8-ea9f-yber
19
vulnerability VCID-ed6y-c9tz-mbds
20
vulnerability VCID-fwbj-ctxz-2bc6
21
vulnerability VCID-g33x-1paw-7udm
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hgb1-xrne-e7c8
25
vulnerability VCID-hwnd-nuv7-jqbh
26
vulnerability VCID-j21d-w3g7-cbcg
27
vulnerability VCID-jctf-yffu-hbag
28
vulnerability VCID-jrb8-jnz4-83c8
29
vulnerability VCID-k1gx-nznx-7qd6
30
vulnerability VCID-kam1-84p4-qych
31
vulnerability VCID-kdnk-7mz5-7ugf
32
vulnerability VCID-mapb-hsvc-2khc
33
vulnerability VCID-n119-gta2-kfg1
34
vulnerability VCID-n7un-zgqv-jfef
35
vulnerability VCID-nc36-atc6-yua6
36
vulnerability VCID-nd8n-5dsu-2fbp
37
vulnerability VCID-qvbt-7e55-4bg4
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-st6v-ch5g-r7h2
41
vulnerability VCID-syrg-ckq7-cbd6
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-ummk-h11z-bkaj
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-v9v6-ae3e-g3hk
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vrdx-165p-efda
49
vulnerability VCID-w6cz-mg4v-3udj
50
vulnerability VCID-wabj-ty5p-pfd6
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-wzgs-fr3u-cbdn
55
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.5
aliases CVE-2017-6927, GHSA-585j-5449-mf5m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnu7-1j9c-dqck
11
url VCID-krhy-kg1b-rfbk
vulnerability_id VCID-krhy-kg1b-rfbk
summary 
File REST resource does not properly validate
The file REST resource does not properly validate some fields when manipulating files. the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6921
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64204
published_at 2026-04-01T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.64289
published_at 2026-04-04T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64262
published_at 2026-04-02T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.6429
published_at 2026-04-13T12:55:00Z
4
value 0.00463
scoring_system epss
scoring_elements 0.64316
published_at 2026-04-12T12:55:00Z
5
value 0.00463
scoring_system epss
scoring_elements 0.64327
published_at 2026-04-11T12:55:00Z
6
value 0.00463
scoring_system epss
scoring_elements 0.64314
published_at 2026-04-09T12:55:00Z
7
value 0.00463
scoring_system epss
scoring_elements 0.64299
published_at 2026-04-08T12:55:00Z
8
value 0.00463
scoring_system epss
scoring_elements 0.64249
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6921
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6921.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6921.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6921.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6921.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6921
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6921
5
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
6
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
7
reference_url http://www.securityfocus.com/bid/99222
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99222
8
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
10
reference_url https://github.com/advisories/GHSA-h377-287m-w2r9
reference_id GHSA-h377-287m-w2r9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h377-287m-w2r9
fixed_packages
0
url pkg:composer/drupal/core@8.3.4
purl pkg:composer/drupal/core@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5kh7-v1uc-wfha
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-77zc-1gc8-r7b7
11
vulnerability VCID-7fs3-gwc7-nkes
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9ss3-mvt3-8bem
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-bkxp-gn34-67av
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-cuk6-hskr-yyau
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-dqf8-ea9f-yber
22
vulnerability VCID-ed6y-c9tz-mbds
23
vulnerability VCID-fm5k-u7s6-wfhb
24
vulnerability VCID-fwbj-ctxz-2bc6
25
vulnerability VCID-g1rp-twzp-63e1
26
vulnerability VCID-g33x-1paw-7udm
27
vulnerability VCID-ga35-289v-vqhr
28
vulnerability VCID-gzcu-sbks-wyfa
29
vulnerability VCID-hgb1-xrne-e7c8
30
vulnerability VCID-hwnd-nuv7-jqbh
31
vulnerability VCID-j21d-w3g7-cbcg
32
vulnerability VCID-jctf-yffu-hbag
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-jrb8-jnz4-83c8
35
vulnerability VCID-k1gx-nznx-7qd6
36
vulnerability VCID-kam1-84p4-qych
37
vulnerability VCID-kdnk-7mz5-7ugf
38
vulnerability VCID-mapb-hsvc-2khc
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-qvbt-7e55-4bg4
44
vulnerability VCID-rhj7-dy7q-jkhw
45
vulnerability VCID-rr4q-f5cv-nkah
46
vulnerability VCID-st6v-ch5g-r7h2
47
vulnerability VCID-syrg-ckq7-cbd6
48
vulnerability VCID-u1xx-aazv-bkg5
49
vulnerability VCID-u4w3-usvb-jyf6
50
vulnerability VCID-ummk-h11z-bkaj
51
vulnerability VCID-uqcw-p8g2-cfd2
52
vulnerability VCID-v9v6-ae3e-g3hk
53
vulnerability VCID-vevm-4sfk-f7gq
54
vulnerability VCID-vrdx-165p-efda
55
vulnerability VCID-w6cz-mg4v-3udj
56
vulnerability VCID-wabj-ty5p-pfd6
57
vulnerability VCID-wbuz-qcp3-43aq
58
vulnerability VCID-ww44-hb2y-mfd5
59
vulnerability VCID-wwvq-399y-rfhc
60
vulnerability VCID-wzgs-fr3u-cbdn
61
vulnerability VCID-x2as-f9fx-9kff
62
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.4
aliases CVE-2017-6921, GHSA-h377-287m-w2r9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krhy-kg1b-rfbk
12
url VCID-m1ur-bb9m-m7d5
vulnerability_id VCID-m1ur-bb9m-m7d5
summary 
Cross Site Request Forgery
Some administrative paths did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6379
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.40894
published_at 2026-04-01T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.40957
published_at 2026-04-13T12:55:00Z
2
value 0.00191
scoring_system epss
scoring_elements 0.40974
published_at 2026-04-12T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.41009
published_at 2026-04-11T12:55:00Z
4
value 0.00191
scoring_system epss
scoring_elements 0.40991
published_at 2026-04-09T12:55:00Z
5
value 0.00191
scoring_system epss
scoring_elements 0.40983
published_at 2026-04-08T12:55:00Z
6
value 0.00191
scoring_system epss
scoring_elements 0.40934
published_at 2026-04-07T12:55:00Z
7
value 0.00191
scoring_system epss
scoring_elements 0.41008
published_at 2026-04-04T12:55:00Z
8
value 0.00191
scoring_system epss
scoring_elements 0.40975
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6379
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6379.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6379.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6379.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6379.yaml
4
reference_url https://www.drupal.org/SA-2017-001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-001
5
reference_url http://www.securityfocus.com/bid/96919
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96919
6
reference_url http://www.securitytracker.com/id/1038058
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038058
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6379
reference_id CVE-2017-6379
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6379
20
reference_url https://github.com/advisories/GHSA-gxxq-fhc7-3jv9
reference_id GHSA-gxxq-fhc7-3jv9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gxxq-fhc7-3jv9
fixed_packages
0
url pkg:composer/drupal/core@8.2.7
purl pkg:composer/drupal/core@8.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-dgjq-y5zj-cud1
23
vulnerability VCID-dqf8-ea9f-yber
24
vulnerability VCID-ed6y-c9tz-mbds
25
vulnerability VCID-fm5k-u7s6-wfhb
26
vulnerability VCID-fwbj-ctxz-2bc6
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-g33x-1paw-7udm
29
vulnerability VCID-ga35-289v-vqhr
30
vulnerability VCID-gzcu-sbks-wyfa
31
vulnerability VCID-hgb1-xrne-e7c8
32
vulnerability VCID-hwnd-nuv7-jqbh
33
vulnerability VCID-hzr8-ttbu-ebhg
34
vulnerability VCID-j21d-w3g7-cbcg
35
vulnerability VCID-jctf-yffu-hbag
36
vulnerability VCID-jnu7-1j9c-dqck
37
vulnerability VCID-jrb8-jnz4-83c8
38
vulnerability VCID-k1gx-nznx-7qd6
39
vulnerability VCID-kam1-84p4-qych
40
vulnerability VCID-kdnk-7mz5-7ugf
41
vulnerability VCID-krhy-kg1b-rfbk
42
vulnerability VCID-mapb-hsvc-2khc
43
vulnerability VCID-n119-gta2-kfg1
44
vulnerability VCID-n7un-zgqv-jfef
45
vulnerability VCID-nc36-atc6-yua6
46
vulnerability VCID-nd8n-5dsu-2fbp
47
vulnerability VCID-qvbt-7e55-4bg4
48
vulnerability VCID-rhj7-dy7q-jkhw
49
vulnerability VCID-rr4q-f5cv-nkah
50
vulnerability VCID-st6v-ch5g-r7h2
51
vulnerability VCID-syrg-ckq7-cbd6
52
vulnerability VCID-u1xx-aazv-bkg5
53
vulnerability VCID-u4w3-usvb-jyf6
54
vulnerability VCID-ummk-h11z-bkaj
55
vulnerability VCID-uqcw-p8g2-cfd2
56
vulnerability VCID-v9v6-ae3e-g3hk
57
vulnerability VCID-vevm-4sfk-f7gq
58
vulnerability VCID-vrdx-165p-efda
59
vulnerability VCID-w6cz-mg4v-3udj
60
vulnerability VCID-wabj-ty5p-pfd6
61
vulnerability VCID-wbuz-qcp3-43aq
62
vulnerability VCID-ww44-hb2y-mfd5
63
vulnerability VCID-wwvq-399y-rfhc
64
vulnerability VCID-wzgs-fr3u-cbdn
65
vulnerability VCID-x2as-f9fx-9kff
66
vulnerability VCID-y74s-ghyc-2bhs
67
vulnerability VCID-yare-57j9-j7cs
68
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.7
aliases CVE-2017-6379, GHSA-gxxq-fhc7-3jv9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1ur-bb9m-m7d5
13
url VCID-nc36-atc6-yua6
vulnerability_id VCID-nc36-atc6-yua6
summary 
XSS Vulnerability
CKEditor, a third-party JavaScript library included in Drupal core, is affected by a cross-site scripting (XSS) vulnerability. It's possible to execute XSS inside CKEditor when using the `image2` plugin.
references
0
reference_url https://www.drupal.org/sa-core-2018-003
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-003
fixed_packages
0
url pkg:composer/drupal/core@8.4.7
purl pkg:composer/drupal/core@8.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3sr6-86jw-6fb9
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5kh7-v1uc-wfha
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-77zc-1gc8-r7b7
9
vulnerability VCID-7fs3-gwc7-nkes
10
vulnerability VCID-9ss3-mvt3-8bem
11
vulnerability VCID-bbzr-hbhv-yyee
12
vulnerability VCID-bkxp-gn34-67av
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-dqf8-ea9f-yber
17
vulnerability VCID-ed6y-c9tz-mbds
18
vulnerability VCID-fwbj-ctxz-2bc6
19
vulnerability VCID-g33x-1paw-7udm
20
vulnerability VCID-gzcu-sbks-wyfa
21
vulnerability VCID-hgb1-xrne-e7c8
22
vulnerability VCID-hwnd-nuv7-jqbh
23
vulnerability VCID-j21d-w3g7-cbcg
24
vulnerability VCID-jctf-yffu-hbag
25
vulnerability VCID-jrb8-jnz4-83c8
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kam1-84p4-qych
28
vulnerability VCID-kdnk-7mz5-7ugf
29
vulnerability VCID-mapb-hsvc-2khc
30
vulnerability VCID-n119-gta2-kfg1
31
vulnerability VCID-n7un-zgqv-jfef
32
vulnerability VCID-nd8n-5dsu-2fbp
33
vulnerability VCID-qvbt-7e55-4bg4
34
vulnerability VCID-rhj7-dy7q-jkhw
35
vulnerability VCID-rr4q-f5cv-nkah
36
vulnerability VCID-st6v-ch5g-r7h2
37
vulnerability VCID-syrg-ckq7-cbd6
38
vulnerability VCID-u1xx-aazv-bkg5
39
vulnerability VCID-u4w3-usvb-jyf6
40
vulnerability VCID-ummk-h11z-bkaj
41
vulnerability VCID-uqcw-p8g2-cfd2
42
vulnerability VCID-v9v6-ae3e-g3hk
43
vulnerability VCID-vevm-4sfk-f7gq
44
vulnerability VCID-vrdx-165p-efda
45
vulnerability VCID-w6cz-mg4v-3udj
46
vulnerability VCID-wabj-ty5p-pfd6
47
vulnerability VCID-wbuz-qcp3-43aq
48
vulnerability VCID-ww44-hb2y-mfd5
49
vulnerability VCID-wwvq-399y-rfhc
50
vulnerability VCID-wzgs-fr3u-cbdn
51
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.4.7
1
url pkg:composer/drupal/core@8.5.2
purl pkg:composer/drupal/core@8.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3s9f-prpy-hbcx
3
vulnerability VCID-3sr6-86jw-6fb9
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5kh7-v1uc-wfha
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-77zc-1gc8-r7b7
10
vulnerability VCID-7fs3-gwc7-nkes
11
vulnerability VCID-9ss3-mvt3-8bem
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-bkxp-gn34-67av
14
vulnerability VCID-c9dm-17vt-4bbc
15
vulnerability VCID-cucx-jfqf-pkd1
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-djgn-ezxp-37eu
18
vulnerability VCID-dqf8-ea9f-yber
19
vulnerability VCID-ed6y-c9tz-mbds
20
vulnerability VCID-fwbj-ctxz-2bc6
21
vulnerability VCID-g33x-1paw-7udm
22
vulnerability VCID-gzcu-sbks-wyfa
23
vulnerability VCID-hgb1-xrne-e7c8
24
vulnerability VCID-hwnd-nuv7-jqbh
25
vulnerability VCID-j21d-w3g7-cbcg
26
vulnerability VCID-jctf-yffu-hbag
27
vulnerability VCID-jrb8-jnz4-83c8
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kam1-84p4-qych
30
vulnerability VCID-kdnk-7mz5-7ugf
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-qvbt-7e55-4bg4
36
vulnerability VCID-rhj7-dy7q-jkhw
37
vulnerability VCID-rr4q-f5cv-nkah
38
vulnerability VCID-st6v-ch5g-r7h2
39
vulnerability VCID-syrg-ckq7-cbd6
40
vulnerability VCID-u1xx-aazv-bkg5
41
vulnerability VCID-u4w3-usvb-jyf6
42
vulnerability VCID-ummk-h11z-bkaj
43
vulnerability VCID-uqcw-p8g2-cfd2
44
vulnerability VCID-v9v6-ae3e-g3hk
45
vulnerability VCID-vevm-4sfk-f7gq
46
vulnerability VCID-vrdx-165p-efda
47
vulnerability VCID-w6cz-mg4v-3udj
48
vulnerability VCID-wabj-ty5p-pfd6
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-ww44-hb2y-mfd5
51
vulnerability VCID-wwvq-399y-rfhc
52
vulnerability VCID-wzgs-fr3u-cbdn
53
vulnerability VCID-x2as-f9fx-9kff
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.5.2
aliases SA-CORE-2018-003
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nc36-atc6-yua6
14
url VCID-sktb-khbq-cuaq
vulnerability_id VCID-sktb-khbq-cuaq
summary 
Incorrect cache context on password reset page
The user password reset form does not specify a proper cache context, which can lead to cache poisoning and unwanted content on the page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9450
reference_id
reference_type
scores
0
value 0.00227
scoring_system epss
scoring_elements 0.45439
published_at 2026-04-02T12:55:00Z
1
value 0.00227
scoring_system epss
scoring_elements 0.4546
published_at 2026-04-09T12:55:00Z
2
value 0.00227
scoring_system epss
scoring_elements 0.45365
published_at 2026-04-01T12:55:00Z
3
value 0.00227
scoring_system epss
scoring_elements 0.45452
published_at 2026-04-13T12:55:00Z
4
value 0.00227
scoring_system epss
scoring_elements 0.45451
published_at 2026-04-12T12:55:00Z
5
value 0.00227
scoring_system epss
scoring_elements 0.45481
published_at 2026-04-11T12:55:00Z
6
value 0.00227
scoring_system epss
scoring_elements 0.45459
published_at 2026-04-08T12:55:00Z
7
value 0.00227
scoring_system epss
scoring_elements 0.45405
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9450
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9450.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9450.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9450.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9450.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9450
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9450
5
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
6
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
7
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
8
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
9
reference_url https://github.com/advisories/GHSA-98w5-wqp9-w466
reference_id GHSA-98w5-wqp9-w466
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98w5-wqp9-w466
fixed_packages
0
url pkg:composer/drupal/core@8.2.3
purl pkg:composer/drupal/core@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-st6v-ch5g-r7h2
54
vulnerability VCID-syrg-ckq7-cbd6
55
vulnerability VCID-u1xx-aazv-bkg5
56
vulnerability VCID-u4w3-usvb-jyf6
57
vulnerability VCID-ummk-h11z-bkaj
58
vulnerability VCID-uqcw-p8g2-cfd2
59
vulnerability VCID-v9v6-ae3e-g3hk
60
vulnerability VCID-vevm-4sfk-f7gq
61
vulnerability VCID-vrdx-165p-efda
62
vulnerability VCID-w6cz-mg4v-3udj
63
vulnerability VCID-wabj-ty5p-pfd6
64
vulnerability VCID-wbuz-qcp3-43aq
65
vulnerability VCID-ww44-hb2y-mfd5
66
vulnerability VCID-wwvq-399y-rfhc
67
vulnerability VCID-wzgs-fr3u-cbdn
68
vulnerability VCID-x2as-f9fx-9kff
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3
aliases CVE-2016-9450, GHSA-98w5-wqp9-w466
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sktb-khbq-cuaq
15
url VCID-vy1y-zkf3-4ue4
vulnerability_id VCID-vy1y-zkf3-4ue4
summary 
Denial of service via transliterate mechanism
A specially crafted URL can cause a denial of service via the transliterate mechanism.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9452
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59319
published_at 2026-04-02T12:55:00Z
1
value 0.00378
scoring_system epss
scoring_elements 0.59356
published_at 2026-04-13T12:55:00Z
2
value 0.00378
scoring_system epss
scoring_elements 0.59374
published_at 2026-04-12T12:55:00Z
3
value 0.00378
scoring_system epss
scoring_elements 0.5939
published_at 2026-04-11T12:55:00Z
4
value 0.00378
scoring_system epss
scoring_elements 0.59371
published_at 2026-04-09T12:55:00Z
5
value 0.00378
scoring_system epss
scoring_elements 0.59358
published_at 2026-04-08T12:55:00Z
6
value 0.00378
scoring_system epss
scoring_elements 0.59307
published_at 2026-04-07T12:55:00Z
7
value 0.00378
scoring_system epss
scoring_elements 0.59343
published_at 2026-04-04T12:55:00Z
8
value 0.00378
scoring_system epss
scoring_elements 0.59245
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9452
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9452.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9452.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9452.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9452.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9452
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9452
5
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
6
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
7
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
8
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
9
reference_url https://github.com/advisories/GHSA-jpj8-49hr-wcwv
reference_id GHSA-jpj8-49hr-wcwv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpj8-49hr-wcwv
fixed_packages
0
url pkg:composer/drupal/core@8.2.3
purl pkg:composer/drupal/core@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-st6v-ch5g-r7h2
54
vulnerability VCID-syrg-ckq7-cbd6
55
vulnerability VCID-u1xx-aazv-bkg5
56
vulnerability VCID-u4w3-usvb-jyf6
57
vulnerability VCID-ummk-h11z-bkaj
58
vulnerability VCID-uqcw-p8g2-cfd2
59
vulnerability VCID-v9v6-ae3e-g3hk
60
vulnerability VCID-vevm-4sfk-f7gq
61
vulnerability VCID-vrdx-165p-efda
62
vulnerability VCID-w6cz-mg4v-3udj
63
vulnerability VCID-wabj-ty5p-pfd6
64
vulnerability VCID-wbuz-qcp3-43aq
65
vulnerability VCID-ww44-hb2y-mfd5
66
vulnerability VCID-wwvq-399y-rfhc
67
vulnerability VCID-wzgs-fr3u-cbdn
68
vulnerability VCID-x2as-f9fx-9kff
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3
aliases CVE-2016-9452, GHSA-jpj8-49hr-wcwv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vy1y-zkf3-4ue4
16
url VCID-y74s-ghyc-2bhs
vulnerability_id VCID-y74s-ghyc-2bhs
summary 
Access Bypass
This is a critical access bypass vulnerability in Drupal.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6919
reference_id
reference_type
scores
0
value 0.00598
scoring_system epss
scoring_elements 0.6933
published_at 2026-04-02T12:55:00Z
1
value 0.00598
scoring_system epss
scoring_elements 0.69386
published_at 2026-04-13T12:55:00Z
2
value 0.00598
scoring_system epss
scoring_elements 0.694
published_at 2026-04-12T12:55:00Z
3
value 0.00598
scoring_system epss
scoring_elements 0.69416
published_at 2026-04-11T12:55:00Z
4
value 0.00598
scoring_system epss
scoring_elements 0.69393
published_at 2026-04-09T12:55:00Z
5
value 0.00598
scoring_system epss
scoring_elements 0.69377
published_at 2026-04-08T12:55:00Z
6
value 0.00598
scoring_system epss
scoring_elements 0.69327
published_at 2026-04-07T12:55:00Z
7
value 0.00598
scoring_system epss
scoring_elements 0.69347
published_at 2026-04-04T12:55:00Z
8
value 0.00598
scoring_system epss
scoring_elements 0.69318
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6919
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6919.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6919.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6919.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6919.yaml
4
reference_url https://groups.drupal.org/node/516645
reference_id
reference_type
scores
url https://groups.drupal.org/node/516645
5
reference_url https://www.drupal.org/SA-2017-002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-002
6
reference_url https://www.drupal.org/SA-CORE-2017-002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-002
7
reference_url http://www.securityfocus.com/bid/97941
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97941
8
reference_url http://www.securitytracker.com/id/1038371
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038371
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6919
reference_id CVE-2017-6919
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6919
81
reference_url https://github.com/advisories/GHSA-6hpj-9xj7-2jxx
reference_id GHSA-6hpj-9xj7-2jxx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hpj-9xj7-2jxx
fixed_packages
0
url pkg:composer/drupal/core@8.2.8
purl pkg:composer/drupal/core@8.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-dgjq-y5zj-cud1
23
vulnerability VCID-dqf8-ea9f-yber
24
vulnerability VCID-ed6y-c9tz-mbds
25
vulnerability VCID-fm5k-u7s6-wfhb
26
vulnerability VCID-fwbj-ctxz-2bc6
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-g33x-1paw-7udm
29
vulnerability VCID-ga35-289v-vqhr
30
vulnerability VCID-gzcu-sbks-wyfa
31
vulnerability VCID-hgb1-xrne-e7c8
32
vulnerability VCID-hwnd-nuv7-jqbh
33
vulnerability VCID-hzr8-ttbu-ebhg
34
vulnerability VCID-j21d-w3g7-cbcg
35
vulnerability VCID-jctf-yffu-hbag
36
vulnerability VCID-jnu7-1j9c-dqck
37
vulnerability VCID-jrb8-jnz4-83c8
38
vulnerability VCID-k1gx-nznx-7qd6
39
vulnerability VCID-kam1-84p4-qych
40
vulnerability VCID-kdnk-7mz5-7ugf
41
vulnerability VCID-krhy-kg1b-rfbk
42
vulnerability VCID-mapb-hsvc-2khc
43
vulnerability VCID-n119-gta2-kfg1
44
vulnerability VCID-n7un-zgqv-jfef
45
vulnerability VCID-nc36-atc6-yua6
46
vulnerability VCID-nd8n-5dsu-2fbp
47
vulnerability VCID-qvbt-7e55-4bg4
48
vulnerability VCID-rhj7-dy7q-jkhw
49
vulnerability VCID-rr4q-f5cv-nkah
50
vulnerability VCID-st6v-ch5g-r7h2
51
vulnerability VCID-syrg-ckq7-cbd6
52
vulnerability VCID-u1xx-aazv-bkg5
53
vulnerability VCID-u4w3-usvb-jyf6
54
vulnerability VCID-ummk-h11z-bkaj
55
vulnerability VCID-uqcw-p8g2-cfd2
56
vulnerability VCID-v9v6-ae3e-g3hk
57
vulnerability VCID-vevm-4sfk-f7gq
58
vulnerability VCID-vrdx-165p-efda
59
vulnerability VCID-w6cz-mg4v-3udj
60
vulnerability VCID-wabj-ty5p-pfd6
61
vulnerability VCID-wbuz-qcp3-43aq
62
vulnerability VCID-ww44-hb2y-mfd5
63
vulnerability VCID-wwvq-399y-rfhc
64
vulnerability VCID-wzgs-fr3u-cbdn
65
vulnerability VCID-x2as-f9fx-9kff
66
vulnerability VCID-yare-57j9-j7cs
67
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.8
1
url pkg:composer/drupal/core@8.3.1
purl pkg:composer/drupal/core@8.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-3sr6-86jw-6fb9
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5kh7-v1uc-wfha
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-77zc-1gc8-r7b7
12
vulnerability VCID-7fs3-gwc7-nkes
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9ss3-mvt3-8bem
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-bkxp-gn34-67av
18
vulnerability VCID-c9dm-17vt-4bbc
19
vulnerability VCID-cucx-jfqf-pkd1
20
vulnerability VCID-cuk6-hskr-yyau
21
vulnerability VCID-dgjq-y5zj-cud1
22
vulnerability VCID-dqf8-ea9f-yber
23
vulnerability VCID-ed6y-c9tz-mbds
24
vulnerability VCID-fm5k-u7s6-wfhb
25
vulnerability VCID-fwbj-ctxz-2bc6
26
vulnerability VCID-g1rp-twzp-63e1
27
vulnerability VCID-g33x-1paw-7udm
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-hgb1-xrne-e7c8
31
vulnerability VCID-hwnd-nuv7-jqbh
32
vulnerability VCID-hzr8-ttbu-ebhg
33
vulnerability VCID-j21d-w3g7-cbcg
34
vulnerability VCID-jctf-yffu-hbag
35
vulnerability VCID-jnu7-1j9c-dqck
36
vulnerability VCID-jrb8-jnz4-83c8
37
vulnerability VCID-k1gx-nznx-7qd6
38
vulnerability VCID-kam1-84p4-qych
39
vulnerability VCID-kdnk-7mz5-7ugf
40
vulnerability VCID-krhy-kg1b-rfbk
41
vulnerability VCID-mapb-hsvc-2khc
42
vulnerability VCID-n119-gta2-kfg1
43
vulnerability VCID-n7un-zgqv-jfef
44
vulnerability VCID-nc36-atc6-yua6
45
vulnerability VCID-nd8n-5dsu-2fbp
46
vulnerability VCID-qvbt-7e55-4bg4
47
vulnerability VCID-rhj7-dy7q-jkhw
48
vulnerability VCID-rr4q-f5cv-nkah
49
vulnerability VCID-st6v-ch5g-r7h2
50
vulnerability VCID-syrg-ckq7-cbd6
51
vulnerability VCID-u1xx-aazv-bkg5
52
vulnerability VCID-u4w3-usvb-jyf6
53
vulnerability VCID-ummk-h11z-bkaj
54
vulnerability VCID-uqcw-p8g2-cfd2
55
vulnerability VCID-v9v6-ae3e-g3hk
56
vulnerability VCID-vevm-4sfk-f7gq
57
vulnerability VCID-vrdx-165p-efda
58
vulnerability VCID-w6cz-mg4v-3udj
59
vulnerability VCID-wabj-ty5p-pfd6
60
vulnerability VCID-wbuz-qcp3-43aq
61
vulnerability VCID-ww44-hb2y-mfd5
62
vulnerability VCID-wwvq-399y-rfhc
63
vulnerability VCID-wzgs-fr3u-cbdn
64
vulnerability VCID-x2as-f9fx-9kff
65
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.3.1
aliases CVE-2017-6919, GHSA-6hpj-9xj7-2jxx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y74s-ghyc-2bhs
17
url VCID-yrzt-3m97-53ce
vulnerability_id VCID-yrzt-3m97-53ce
summary 
Unprivileged access to taxonomy terms
Modules wishing to restrict access to taxonomy terms may be incompatible with queries generated both by Drupal core as well as those generated by contributed modules like Entity Reference. As a result, information on taxonomy terms may be disclosed to unprivileged users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9449
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.44037
published_at 2026-04-02T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.44011
published_at 2026-04-13T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44027
published_at 2026-04-12T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.44045
published_at 2026-04-09T12:55:00Z
4
value 0.00215
scoring_system epss
scoring_elements 0.4406
published_at 2026-04-11T12:55:00Z
5
value 0.00215
scoring_system epss
scoring_elements 0.43989
published_at 2026-04-01T12:55:00Z
6
value 0.00215
scoring_system epss
scoring_elements 0.44042
published_at 2026-04-08T12:55:00Z
7
value 0.00215
scoring_system epss
scoring_elements 0.43991
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9449
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9449
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9451
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9451
3
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9449.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9449.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9449.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9449.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9449
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9449
7
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
8
reference_url http://www.debian.org/security/2016/dsa-3718
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3718
9
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
10
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
11
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
12
reference_url https://github.com/advisories/GHSA-p745-347h-hjfw
reference_id GHSA-p745-347h-hjfw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p745-347h-hjfw
fixed_packages
0
url pkg:composer/drupal/core@8.2.3
purl pkg:composer/drupal/core@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-st6v-ch5g-r7h2
54
vulnerability VCID-syrg-ckq7-cbd6
55
vulnerability VCID-u1xx-aazv-bkg5
56
vulnerability VCID-u4w3-usvb-jyf6
57
vulnerability VCID-ummk-h11z-bkaj
58
vulnerability VCID-uqcw-p8g2-cfd2
59
vulnerability VCID-v9v6-ae3e-g3hk
60
vulnerability VCID-vevm-4sfk-f7gq
61
vulnerability VCID-vrdx-165p-efda
62
vulnerability VCID-w6cz-mg4v-3udj
63
vulnerability VCID-wabj-ty5p-pfd6
64
vulnerability VCID-wbuz-qcp3-43aq
65
vulnerability VCID-ww44-hb2y-mfd5
66
vulnerability VCID-wwvq-399y-rfhc
67
vulnerability VCID-wzgs-fr3u-cbdn
68
vulnerability VCID-x2as-f9fx-9kff
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.2.3
aliases CVE-2016-9449, GHSA-p745-347h-hjfw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrzt-3m97-53ce
18
url VCID-yty5-zn46-r3dj
vulnerability_id VCID-yty5-zn46-r3dj
summary 
Unprivileged access to "Administer comments"
Users who have rights to edit a node can set the visibility on comments for that node. This should be restricted to those who have the administer comments permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7570
reference_id
reference_type
scores
0
value 0.00345
scoring_system epss
scoring_elements 0.57006
published_at 2026-04-01T12:55:00Z
1
value 0.00345
scoring_system epss
scoring_elements 0.57143
published_at 2026-04-12T12:55:00Z
2
value 0.00345
scoring_system epss
scoring_elements 0.57164
published_at 2026-04-11T12:55:00Z
3
value 0.00345
scoring_system epss
scoring_elements 0.57152
published_at 2026-04-09T12:55:00Z
4
value 0.00345
scoring_system epss
scoring_elements 0.5715
published_at 2026-04-08T12:55:00Z
5
value 0.00345
scoring_system epss
scoring_elements 0.57099
published_at 2026-04-07T12:55:00Z
6
value 0.00345
scoring_system epss
scoring_elements 0.57123
published_at 2026-04-13T12:55:00Z
7
value 0.00345
scoring_system epss
scoring_elements 0.571
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7570
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7570.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7570.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7570.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7570.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7570
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7570
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-6g9h-6v79-w4pc
reference_id GHSA-6g9h-6v79-w4pc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6g9h-6v79-w4pc
fixed_packages
0
url pkg:composer/drupal/core@8.1.10
purl pkg:composer/drupal/core@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-sktb-khbq-cuaq
54
vulnerability VCID-st6v-ch5g-r7h2
55
vulnerability VCID-syrg-ckq7-cbd6
56
vulnerability VCID-u1xx-aazv-bkg5
57
vulnerability VCID-u4w3-usvb-jyf6
58
vulnerability VCID-ummk-h11z-bkaj
59
vulnerability VCID-uqcw-p8g2-cfd2
60
vulnerability VCID-v9v6-ae3e-g3hk
61
vulnerability VCID-vevm-4sfk-f7gq
62
vulnerability VCID-vrdx-165p-efda
63
vulnerability VCID-vy1y-zkf3-4ue4
64
vulnerability VCID-w6cz-mg4v-3udj
65
vulnerability VCID-wabj-ty5p-pfd6
66
vulnerability VCID-wbuz-qcp3-43aq
67
vulnerability VCID-ww44-hb2y-mfd5
68
vulnerability VCID-wwvq-399y-rfhc
69
vulnerability VCID-wzgs-fr3u-cbdn
70
vulnerability VCID-x2as-f9fx-9kff
71
vulnerability VCID-y74s-ghyc-2bhs
72
vulnerability VCID-yare-57j9-j7cs
73
vulnerability VCID-ymka-jfep-87gt
74
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10
aliases CVE-2016-7570, GHSA-6g9h-6v79-w4pc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yty5-zn46-r3dj
19
url VCID-zvtp-4we3-qygx
vulnerability_id VCID-zvtp-4we3-qygx
summary 
Unprivileged access to config export
The `system.temporary` route allows the download of a full config export. The full config export should be limited to those with "Export configuration" permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7572
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48545
published_at 2026-04-02T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48577
published_at 2026-04-13T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48564
published_at 2026-04-12T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48591
published_at 2026-04-11T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48568
published_at 2026-04-04T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.4851
published_at 2026-04-01T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.4857
published_at 2026-04-09T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48574
published_at 2026-04-08T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.4852
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7572
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7572.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7572.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7572.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7572.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7572
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7572
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-fmqh-2j2x-vgp3
reference_id GHSA-fmqh-2j2x-vgp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fmqh-2j2x-vgp3
fixed_packages
0
url pkg:composer/drupal/core@8.1.10
purl pkg:composer/drupal/core@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-3sr6-86jw-6fb9
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5kh7-v1uc-wfha
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-77zc-1gc8-r7b7
13
vulnerability VCID-7fs3-gwc7-nkes
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9ss3-mvt3-8bem
16
vulnerability VCID-9vdz-1jpq-kue3
17
vulnerability VCID-bbzr-hbhv-yyee
18
vulnerability VCID-bkxp-gn34-67av
19
vulnerability VCID-c9dm-17vt-4bbc
20
vulnerability VCID-cucx-jfqf-pkd1
21
vulnerability VCID-cuk6-hskr-yyau
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-dqf8-ea9f-yber
25
vulnerability VCID-ed6y-c9tz-mbds
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-fwbj-ctxz-2bc6
28
vulnerability VCID-g1rp-twzp-63e1
29
vulnerability VCID-g33x-1paw-7udm
30
vulnerability VCID-ga35-289v-vqhr
31
vulnerability VCID-gzcu-sbks-wyfa
32
vulnerability VCID-hgb1-xrne-e7c8
33
vulnerability VCID-hpsp-5qtj-v7dq
34
vulnerability VCID-hwnd-nuv7-jqbh
35
vulnerability VCID-hzr8-ttbu-ebhg
36
vulnerability VCID-j21d-w3g7-cbcg
37
vulnerability VCID-jctf-yffu-hbag
38
vulnerability VCID-jnu7-1j9c-dqck
39
vulnerability VCID-jrb8-jnz4-83c8
40
vulnerability VCID-k1gx-nznx-7qd6
41
vulnerability VCID-kam1-84p4-qych
42
vulnerability VCID-kdnk-7mz5-7ugf
43
vulnerability VCID-krhy-kg1b-rfbk
44
vulnerability VCID-m1ur-bb9m-m7d5
45
vulnerability VCID-mapb-hsvc-2khc
46
vulnerability VCID-n119-gta2-kfg1
47
vulnerability VCID-n7un-zgqv-jfef
48
vulnerability VCID-nc36-atc6-yua6
49
vulnerability VCID-nd8n-5dsu-2fbp
50
vulnerability VCID-qvbt-7e55-4bg4
51
vulnerability VCID-rhj7-dy7q-jkhw
52
vulnerability VCID-rr4q-f5cv-nkah
53
vulnerability VCID-sktb-khbq-cuaq
54
vulnerability VCID-st6v-ch5g-r7h2
55
vulnerability VCID-syrg-ckq7-cbd6
56
vulnerability VCID-u1xx-aazv-bkg5
57
vulnerability VCID-u4w3-usvb-jyf6
58
vulnerability VCID-ummk-h11z-bkaj
59
vulnerability VCID-uqcw-p8g2-cfd2
60
vulnerability VCID-v9v6-ae3e-g3hk
61
vulnerability VCID-vevm-4sfk-f7gq
62
vulnerability VCID-vrdx-165p-efda
63
vulnerability VCID-vy1y-zkf3-4ue4
64
vulnerability VCID-w6cz-mg4v-3udj
65
vulnerability VCID-wabj-ty5p-pfd6
66
vulnerability VCID-wbuz-qcp3-43aq
67
vulnerability VCID-ww44-hb2y-mfd5
68
vulnerability VCID-wwvq-399y-rfhc
69
vulnerability VCID-wzgs-fr3u-cbdn
70
vulnerability VCID-x2as-f9fx-9kff
71
vulnerability VCID-y74s-ghyc-2bhs
72
vulnerability VCID-yare-57j9-j7cs
73
vulnerability VCID-ymka-jfep-87gt
74
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.1.10
aliases CVE-2016-7572, GHSA-fmqh-2j2x-vgp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zvtp-4we3-qygx
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.0.0-beta11